AI Security
LLM
OWASP
AI Security Field Guide: Securing the LLM Stack with Open Source
Every team shipping AI now owns a new attack surface. A practitioner's map of the OWASP LLM Top 10 and the open source tools that let you test, guard, and govern your models, without a single vendor licence. Prompt injection, red-teaming with garak and PyRIT, runtime guardrails, and continuous evaluation.
Cryptography
Post-Quantum
Migration
Post-Quantum Migration: Inventory First, Agility Second, Algorithms Last
A post-quantum migration is inventory first, agility second, and algorithms last. What a quantum computer actually breaks, why harvest-now-decrypt-later makes it urgent, the NIST standards, and the order that works in practice.
Cloud Security
IAM
Blast Radius
Cloud IAM and Blast Radius: Over-Privileged Roles and Least Privilege
Most cloud breaches are not clever. They are an over-privileged identity doing exactly what it was allowed to do. Blast radius, why least privilege is hard, the escalation paths people miss, and the guardrails that contain a single compromised identity.
Cryptography
PKI
Key Rotation
Cryptographic Keys and PKI: Key Material, Rotation, and What Holds Up in Production
Most cryptography failures are not broken algorithms. They are mismanaged keys. Key material, HSMs and KMS, envelope encryption, PKI and the trust chain, and why rotating a key does not re-encrypt your data. Plus the certificate lifetime changes coming through 2029.
Threat Intelligence
SOC
MITRE ATT&CK
Threat Intelligence Platforms: The Honest Conversation
Most threat intelligence platforms become shelfware within 18 months, and it is rarely the platform's fault. The honest version: the three types of intelligence, the integration work vendors gloss over, open source versus commercial, and the three questions to answer before you buy.
Cloud Governance
FinOps
AWS
FinOps: The Accountability Problem Nobody Wants to Name
The tooling is not the problem. Apptio, CloudHealth and Cost Explorer all solve visibility. FinOps stalls because the engineer who deploys the infrastructure never sees the bill, and security controls like NAT gateways and CloudTrail quietly drive the spend.
Cloud Security
AWS
Key Management
Cloud HSM: What the Vendor Documentation Skips Over
Three paths, one decision. The honest comparison of AWS KMS, CloudHSM custom key store, and CloudHSM direct, including the operational costs that never appear on the pricing page.
AI Security
RAG
Governance
Broken RAG vs Governed RAG Pipelines
Why AI security starts before the prompt. Comparing ungoverned and well-governed retrieval-augmented generation architectures and what goes wrong when governance is missing.
OT Security
Segmentation
CNI
Enterprise OT Security & Network Segmentation Frameworks
Building cyber resilience across modern industrial environments undergoing rapid digital transformation, covering OT/IT integration risks and segmentation strategy.
OT Security
Manufacturing
Identity Risk
OT Cybersecurity in Manufacturing: One Compromised Identity Can Stop an Entire Business
How weak identity controls and legacy OT security can halt manufacturing operations. Lessons from Honda, JLR, and real-world automotive industry experience.
MITRE ATT&CK
ATLAS
Threat Intel
MITRE ATT&CK vs MITRE ATLAS: Understanding Modern Threat-Informed Defence
A structured breakdown of both frameworks, covering how to map detection capabilities, improve security controls, and build a threat-informed defence posture.
AI Security
SABSA
AWS
AI Security Assessment Blueprint (SABSA-Aligned for AWS & Enterprise AI)
A practical AI security assessment blueprint aligned to SABSA, demonstrating how to secure AI systems using AWS secure RAG design patterns.
Cloud Security
AWS
Azure
Secure Cloud Landing Zone Architecture: Private APIs, ECS, and Compliance Controls
Exploring a secure cloud landing zone architecture across AWS and Azure, covering private APIs, ECS workloads, and compliance-led design principles.
GRC
AI Governance
Risk
GRC in the Age of AI: Why Governance Matters More Than Ever
How traditional GRC frameworks must evolve to keep pace with the speed and opacity of AI adoption across enterprise environments.
Assume Breach
BAS
Validation
Assume Breach and Continuous Security Validation
Why pen tests and vulnerability scans are not enough. The case for continuous security validation and how Breach Attack Simulation changes the assurance model.
Zero Trust
Zscaler
SSE
Zero Trust in Practice: Where Does Zscaler Fit Within a Modern Security Architecture?
Zero Trust is failing in many organisations not because the strategy is wrong, but because the trust model never really changed. How Zscaler SSE addresses the gap.
LLM
AI Governance
Architecture
Public vs Private LLMs: Security, Governance and Architecture Considerations
Understanding the security and governance trade-offs between public and private LLMs, and how to adopt AI responsibly within regulated enterprise environments.
SOC
AI
Detection
Security Operations Centres Are Evolving
How AI is transforming the SOC, enhancing detection, reducing noise, and improving response times across modern enterprise security operations.
STRIDE
Threat Modelling
Cloud
From Threat Modelling to Threat Detection: Making STRIDE Work in Cloud Environments
A practical guide to using STRIDE in cloud environments, moving from early threat modelling to stronger threat detection and response at enterprise scale.
AWS
Secure by Design
Architecture
Secure by Design for Consultancy-Led AWS Architecture
A practical AWS secure-by-design reference architecture for consultancy teams delivering cloud transformation programmes in regulated and enterprise environments.
Landing Zone
AWS
Azure
Cloud Landing Zone Accelerators: Secure-by-Design Architectures for AWS, Azure and GCP
Most cloud projects rebuild the same foundations repeatedly. A set of landing zone accelerators to establish networking, identity, logging, and security controls from day one.
AWS
Azure
Multi-cloud
Cloud Service Mapping: AWS vs Azure vs GCP
How core services align across AWS, Azure, and GCP covering compute, storage, networking, security, and more. Useful for multi-cloud environments and platform transitions.
Cloud Security
Risk
AWS
Common Security Mistakes in Cloud Architecture
A practical look at common cloud security mistakes and how to avoid them, based on real-world experience designing secure AWS and enterprise cloud architectures.
API Security
STRIDE
Threat Modelling
API Security and STRIDE Threat Modelling in Modern Architectures
An introduction to API security using STRIDE threat modelling, highlighting how to identify and mitigate risks early in the design lifecycle.
AWS
Landing Zone
Enterprise
Designing Secure AWS Landing Zones for Enterprise
A practical overview of designing secure AWS landing zones, covering multi-account architecture, governance controls, and security guardrails for enterprise deployments.
No articles match this filter.