Security Guides
Deep-dive playbooks, startup fundamentals, enterprise hardening.
AI Compliance for Indian Organisations in 2026
Indian AI compliance landscape — DPDP for data, sectoral regulators (RBI/SEBI/IRDAI/CDSCO), Digital India Bill, EU AI Act extra-territoriality. Practical compliance: classification, documentation,…
Security GuidesDark Web OSINT: Tor, I2P, and Investigation Workflow
Dark-web OSINT for security teams — Tor / I2P setup, ransomware blogs, marketplaces, IAB ads, Indian-context findings (leaked Aadhaar/PAN datasets), automated monitoring…
Security GuidesGeolocation and Chronolocation Techniques for OSINT
Geolocation methods — EXIF, reverse search, visual cues, street view matching, satellite imagery. Chronolocation via sun/shadow position, advertisements, vehicles, vegetation, weather records.
Red TeamingLLM Red-Teaming Methodology in 2026
LLM red-team workflow — OWASP LLM Top 10, scoping, direct prompt injection, indirect injection, sensitive info disclosure, excessive agency, DoS. Tools: PyRIT,…
Red TeamingPrompt Injection: Direct vs Indirect Attacks
Prompt injection variants — direct (user jailbreaks), indirect (malicious instructions in processed content). Real attack examples, encoding bypasses, multi-turn manipulation, RAG-based injection.…
Security GuidesAI Model Poisoning: Training, Fine-Tuning, RAG
Model poisoning variants — training data, fine-tuning, RAG document poisoning, backdoor attacks. Detection (provenance, anomaly, activation analysis). Defences (data hygiene, robust training,…
ComplianceRBI Cyber Incident Reporting: The 2-6 Hour Playbook
RBI's cyber-incident reporting timelines (2-6 hours) demand a pre-built playbook. Pre-drafted email templates, decision tree, multi-regulator coordination matrix, common mistakes.
Security GuidesRAG Security: Retrieval-Augmented Generation Attack Surface
RAG-specific attacks — document poisoning, indirect prompt injection, authorisation bypass via retrieval, embedding-based attacks, knowledge-base data exfiltration. Document, retrieval, and LLM-side defences.
ComplianceRBI IT Outsourcing Incident Response: When Vendor Cyber Incidents Become Yours
RBI Master Direction on IT Outsourcing makes vendor incidents your incidents. Contractual prerequisites (4-hour notification, forensic access), playbook for vendor-side incidents, vendor…
Red TeamingAI Agent Security: Securing Autonomous LLM Systems
AI agent attack surface — prompt injection via tool inputs (RCE-equivalent), tool chaining for escalation, excessive permissions, state-persistence attacks. Capability separation +…