Feb 16 · 2 min read · In security engineering, it's rarely the complex systems that bring organisations to their knees. More often, the real damage starts with something deceptively small: a missing IAM policy, an outdated dependency, a misconfigured firewall rule. These ...
Jan 7 · 7 min read · Introduction. In support of my recent research into ICS/OT Security Operations, I wanted to set up a small, controlled environment where I could observe normal industrial network behavior, identify meaningful deviations, reason about that activity us...
Nov 21, 2025 · 3 min read · In today’s fast-moving digital world, cyber threats are growing smarter and faster than ever. Traditional security operations (SecOps) are no longer enough to keep enterprises safe. Modern businesses need advanced SecOps practices, automation, AI-dri...
Sep 3, 2025 · 7 min read · I’ve walked into more than one new consulting gig to find the AWS account is a minefield of over-permissioned IAM users. It usually starts with a familiar, stomach-dropping story. A junior engineer, armed with PowerUserAccess, tries to terminate a te...
Jul 12, 2025 · 2 min read · Where It All Started? For the last few years, my focus has been building and supporting cloud infrastructure. As part of my work in DevOps and SRE, I’ve dealt with everything from Kubernetes, Terraform, CI/CD pipelines, to large-scale incident respo...
Jul 10, 2025 · 9 min read · Section 1: Cisco Umbrella Identity Federation Configuration. Introduction. Cisco Umbrella is a cloud-delivered security platform that provides DNS-layer protection, secure web gateway (SWG), cloud-delivered firewall, and cloud access security broker ...
Jul 3, 2025 · 7 min read · We’ve all seen it. That one critical file production.tfvars or secrets.env, containing master database password or your cloud provider keys. It’s the skeleton in almost every setup, we convince ourselves that we will rotate it “later”, but we all kno...
Jun 23, 2025 · 3 min read · Introduction. In a world where organisations rely on complex digital systems, the ability to respond quickly to incidents can be the difference between a minor disruption and a major breach. Two essential metrics that help measure and improve respons...
Jun 16, 2025 · 2 min read · Introduction. Security teams within Managed Security Service Providers (MSSPs) or multi-brand organisations often require visibility into several isolated Microsoft Sentinel instances. Without centralisation, analysts must switch between portals or a...