Security Guides · 91 articles

Security Guides

Deep-dive playbooks, startup fundamentals, enterprise hardening.

Compliance

DPDP Act Operational Compliance: A 2026 Data Fiduciary Engineering Playbook

Moving beyond DPDP commentary to engineering execution. Data inventory, consent engineering, right-to-erasure implementation, and the 72-hour breach runbook.

May 22, 2026 · 8 min read
Incident Response

Scenario Brief: Anatomy of a High-Risk Patch Tuesday for Windows Estate Defenders

Tabletop-ready scenario: a hypothetical Patch Tuesday with twin Print Spooler bugs echoing PrintNightmare. Domain-controller priority and SOC detection workflow.

May 22, 2026 · 3 min read
Compliance

Scenario Brief: Tracking SBOM Readiness Among SEBI-Regulated Intermediaries

Tabletop-ready compliance scenario: where stockbrokers and depository participants stand against the SEBI CSCRF Phase 2 SBOM requirement and the 30-day sprint plan.

May 22, 2026 · 2 min read
Academy

Module 7 · Cloud-Native Security Architecture — Kubernetes, Service Mesh, Serverless

Why this module exists. Cloud-native architecture moves so much of the trust boundary into automation that the security architecture must shift correspondingly.…

May 14, 2026 · 4 min read
Academy

Module 6 · Threat Modelling at the Architecture Stage

Why this module exists. Threat modelling is referenced in every security architecture guide and practised by few engineering teams. The reason: it…

May 14, 2026 · 3 min read
Academy

Module 4 · Service Mesh Security — Istio, Linkerd, mTLS-Everywhere

Why this module exists. Microservices security cannot be solved at the firewall — there are too many internal calls, the topology changes…

May 14, 2026 · 4 min read
Academy

Module 5 · Reference Architecture for Indian Regulated Workloads

Why this module exists. Architects designing for Indian regulated workloads navigate four to six overlapping regulator expectations. The cost of architecting for…

May 14, 2026 · 3 min read
Academy

Module 3 · Zero Trust Architecture — From Principle to Production

Why this module exists. “We’re doing Zero Trust” is said by Indian enterprises that have simply renamed their VPN. This module covers…

May 14, 2026 · 3 min read
Academy

Module 6 · Secure Destruction of Media and Hardware

Why this module exists. The data that you forgot was there is the data that becomes a breach. Every device that has…

May 14, 2026 · 4 min read
Academy

Module 5 · Environmental Controls — Power, HVAC, Fire Suppression

Why this module exists. The most-common Indian data-centre incident is not a cyber attack — it is an HVAC failure during summer,…

May 14, 2026 · 4 min read
1 2 3 4 10