Incident Response · 26 articles

Incident Response

IR playbooks, breach response, forensics, regulator notification timelines.

Incident Response

MDR vs SOC vs SIEM: What Indian SMBs Actually Need in 2026

SIEM is a tool, a SOC is a team, MDR is a service. What Indian SMBs actually need for 24x7 threat detection…

Jun 17, 2026 · 9 min read
Compliance

Healthcare Cybersecurity India 2026: Stop the Ransomware

Why Indian hospitals are prime ransomware targets in 2026, the regulatory stack they must meet, and a defence checklist that holds.

Jun 16, 2026 · 6 min read
Compliance

CERT-In 6 Hour Reporting: 2026 Compliance Playbook for India

A practitioner's 2026 playbook for meeting CERT-In's 6 hour incident reporting clock, log retention and NTP mandates in India.

Jun 16, 2026 · 6 min read
Incident Response

Ransomware in India 2026: From Data Leaks to Shutdowns

The 2026 ransomware reality in India has shifted from data theft to shutting operations down — here is how to defend.

Jun 15, 2026 · 6 min read
Compliance

The 6-Hour Rule: Building One Breach Playbook for CERT-In, DPDP, and RBI

CERT-In: 6 hours. DPDP: 72. RBI/SEBI/IRDAI: their own. One incident, five clocks — here is how to run them as one playbook.

May 25, 2026 · 1 min read
Compliance

Non-Human Identity (NHI) Security: The 2026 CISO Architecture Guide

Service accounts, API keys, OAuth grants, and AI agent identities outnumber humans 30 to 80 times. A practical NHI governance framework for…

May 22, 2026 · 8 min read
Cloud Security

Cloud Detection and Response for AWS: Threat Hunting Playbook for 2026

A practitioner playbook for AWS CDR. CloudTrail rules, GuardDuty triage, three end-to-end response playbooks, and the telemetry stack Indian SOCs need.

May 22, 2026 · 7 min read
Incident Response

Scenario Brief: Anatomy of a High-Risk Patch Tuesday for Windows Estate Defenders

Tabletop-ready scenario: a hypothetical Patch Tuesday with twin Print Spooler bugs echoing PrintNightmare. Domain-controller priority and SOC detection workflow.

May 22, 2026 · 3 min read
Incident Response

Scenario Brief: Ransomware Tradecraft Against Indian Hospitals via Unpatched Backups

Tabletop-ready scenario: ransomware affiliates targeting Veeam backup servers as initial access. ABDM propagation risk and the hospital defender checklist.

May 22, 2026 · 2 min read
Cloud Security

Scenario Brief: Pod Escape via Cgroup Namespace TOCTOU — A Containerd Threat Model

Tabletop-ready scenario: a hypothetical containerd pod-escape via TOCTOU race. Why baseline Pod Security Admission is no longer enough and what to harden.

May 22, 2026 · 2 min read