Security Guides
Deep-dive playbooks, startup fundamentals, enterprise hardening.
Geolocation and Chronolocation Techniques for OSINT
Geolocation methods — EXIF, reverse search, visual cues, street view matching, satellite imagery. Chronolocation via sun/shadow position, advertisements, vehicles, vegetation, weather records.
Red TeamingLLM Red-Teaming Methodology in 2026
LLM red-team workflow — OWASP LLM Top 10, scoping, direct prompt injection, indirect injection, sensitive info disclosure, excessive agency, DoS. Tools: PyRIT,…
Red TeamingPrompt Injection: Direct vs Indirect Attacks
Prompt injection variants — direct (user jailbreaks), indirect (malicious instructions in processed content). Real attack examples, encoding bypasses, multi-turn manipulation, RAG-based injection.…
Security GuidesAI Model Poisoning: Training, Fine-Tuning, RAG
Model poisoning variants — training data, fine-tuning, RAG document poisoning, backdoor attacks. Detection (provenance, anomaly, activation analysis). Defences (data hygiene, robust training,…
ComplianceRBI Cyber Incident Reporting: The 2-6 Hour Playbook
RBI's cyber-incident reporting timelines (2-6 hours) demand a pre-built playbook. Pre-drafted email templates, decision tree, multi-regulator coordination matrix, common mistakes.
Security GuidesRAG Security: Retrieval-Augmented Generation Attack Surface
RAG-specific attacks — document poisoning, indirect prompt injection, authorisation bypass via retrieval, embedding-based attacks, knowledge-base data exfiltration. Document, retrieval, and LLM-side defences.
ComplianceRBI IT Outsourcing Incident Response: When Vendor Cyber Incidents Become Yours
RBI Master Direction on IT Outsourcing makes vendor incidents your incidents. Contractual prerequisites (4-hour notification, forensic access), playbook for vendor-side incidents, vendor…
Red TeamingAI Agent Security: Securing Autonomous LLM Systems
AI agent attack surface — prompt injection via tool inputs (RCE-equivalent), tool chaining for escalation, excessive permissions, state-persistence attacks. Capability separation +…
ComplianceSEBI CSCRF Incident Reporting Workflow
SEBI CSCRF incident reporting via Compliance Portal — fields, ATT&CK mapping requirement, attached PDF report structure, decision tree, MII-specific obligations.
Security GuidesIndian BFSI Threat Actor Landscape 2026
Four threat-actor categories targeting Indian BFSI in 2026 — financially-motivated ransomware (RansomHub, Akira), BEC / wire-fraud groups, nation-state aligned APTs, insider threats.…