Incident Response
IR playbooks, breach response, forensics, regulator notification timelines.
MDR vs SOC vs SIEM: What Indian SMBs Actually Need in 2026
SIEM is a tool, a SOC is a team, MDR is a service. What Indian SMBs actually need for 24x7 threat detection…
ComplianceHealthcare Cybersecurity India 2026: Stop the Ransomware
Why Indian hospitals are prime ransomware targets in 2026, the regulatory stack they must meet, and a defence checklist that holds.
ComplianceCERT-In 6 Hour Reporting: 2026 Compliance Playbook for India
A practitioner's 2026 playbook for meeting CERT-In's 6 hour incident reporting clock, log retention and NTP mandates in India.
Incident ResponseRansomware in India 2026: From Data Leaks to Shutdowns
The 2026 ransomware reality in India has shifted from data theft to shutting operations down — here is how to defend.
ComplianceThe 6-Hour Rule: Building One Breach Playbook for CERT-In, DPDP, and RBI
CERT-In: 6 hours. DPDP: 72. RBI/SEBI/IRDAI: their own. One incident, five clocks — here is how to run them as one playbook.
ComplianceNon-Human Identity (NHI) Security: The 2026 CISO Architecture Guide
Service accounts, API keys, OAuth grants, and AI agent identities outnumber humans 30 to 80 times. A practical NHI governance framework for…
Cloud SecurityCloud Detection and Response for AWS: Threat Hunting Playbook for 2026
A practitioner playbook for AWS CDR. CloudTrail rules, GuardDuty triage, three end-to-end response playbooks, and the telemetry stack Indian SOCs need.
Incident ResponseScenario Brief: Anatomy of a High-Risk Patch Tuesday for Windows Estate Defenders
Tabletop-ready scenario: a hypothetical Patch Tuesday with twin Print Spooler bugs echoing PrintNightmare. Domain-controller priority and SOC detection workflow.
Incident ResponseScenario Brief: Ransomware Tradecraft Against Indian Hospitals via Unpatched Backups
Tabletop-ready scenario: ransomware affiliates targeting Veeam backup servers as initial access. ABDM propagation risk and the hospital defender checklist.
Cloud SecurityScenario Brief: Pod Escape via Cgroup Namespace TOCTOU — A Containerd Threat Model
Tabletop-ready scenario: a hypothetical containerd pod-escape via TOCTOU race. Why baseline Pod Security Admission is no longer enough and what to harden.