25 articles
AI Security LLM OWASP
AI Security Field Guide: Securing the LLM Stack with Open Source
Every team shipping AI now owns a new attack surface. A practitioner's map of the OWASP LLM Top 10 and the open source tools that let you test, guard, and govern your models, without a single vendor licence. Prompt injection, red-teaming with garak and PyRIT, runtime guardrails, and continuous evaluation.
11 July 2026
~9 min read
Cryptography Post-Quantum Migration
Post-Quantum Migration: Inventory First, Agility Second, Algorithms Last
A post-quantum migration is inventory first, agility second, and algorithms last. What a quantum computer actually breaks, why harvest-now-decrypt-later makes it urgent, the NIST standards, and the order that works in practice.
9 July 2026
~13 min read
Cloud Security IAM Blast Radius
Cloud IAM and Blast Radius: Over-Privileged Roles and Least Privilege
Most cloud breaches are not clever. They are an over-privileged identity doing exactly what it was allowed to do. Blast radius, why least privilege is hard, the escalation paths people miss, and the guardrails that contain a single compromised identity.
7 July 2026
~14 min read
Cryptography PKI Key Rotation
Cryptographic Keys and PKI: Key Material, Rotation, and What Holds Up in Production
Most cryptography failures are not broken algorithms. They are mismanaged keys. Key material, HSMs and KMS, envelope encryption, PKI and the trust chain, and why rotating a key does not re-encrypt your data. Plus the certificate lifetime changes coming through 2029.
30 June 2026
~15 min read
Threat Intelligence SOC MITRE ATT&CK
Threat Intelligence Platforms: The Honest Conversation
Most threat intelligence platforms become shelfware within 18 months, and it is rarely the platform's fault. The honest version: the three types of intelligence, the integration work vendors gloss over, open source versus commercial, and the three questions to answer before you buy.
30 June 2026
~13 min read
Cloud Governance FinOps AWS
FinOps: The Accountability Problem Nobody Wants to Name
The tooling is not the problem. Apptio, CloudHealth and Cost Explorer all solve visibility. FinOps stalls because the engineer who deploys the infrastructure never sees the bill, and security controls like NAT gateways and CloudTrail quietly drive the spend.
23 June 2026
~11 min read
Cloud Security AWS Key Management
Cloud HSM: What the Vendor Documentation Skips Over
Three paths, one decision. The honest comparison of AWS KMS, CloudHSM custom key store, and CloudHSM direct, including the operational costs that never appear on the pricing page.
16 June 2026
~12 min read
AI Security RAG Governance
Broken RAG vs Governed RAG Pipelines
Why AI security starts before the prompt. Comparing ungoverned and well-governed retrieval-augmented generation architectures and what goes wrong when governance is missing.
12 May 2026
~8 min read
OT Security Segmentation CNI
Enterprise OT Security & Network Segmentation Frameworks
Building cyber resilience across modern industrial environments undergoing rapid digital transformation, covering OT/IT integration risks and segmentation strategy.
12 May 2026
~12 min read
OT Security Manufacturing Identity Risk
OT Cybersecurity in Manufacturing: One Compromised Identity Can Stop an Entire Business
How weak identity controls and legacy OT security can halt manufacturing operations. Lessons from Honda, JLR, and real-world automotive industry experience.
12 May 2026
~10 min read
MITRE ATT&CK ATLAS Threat Intel
MITRE ATT&CK vs MITRE ATLAS: Understanding Modern Threat-Informed Defence
A structured breakdown of both frameworks, covering how to map detection capabilities, improve security controls, and build a threat-informed defence posture.
12 May 2026
~10 min read
AI Security SABSA AWS
AI Security Assessment Blueprint (SABSA-Aligned for AWS & Enterprise AI)
A practical AI security assessment blueprint aligned to SABSA, demonstrating how to secure AI systems using AWS secure RAG design patterns.
5 May 2026
~11 min read
Cloud Security AWS Azure
Secure Cloud Landing Zone Architecture: Private APIs, ECS, and Compliance Controls
Exploring a secure cloud landing zone architecture across AWS and Azure, covering private APIs, ECS workloads, and compliance-led design principles.
4 May 2026
~10 min read
GRC AI Governance Risk
GRC in the Age of AI: Why Governance Matters More Than Ever
How traditional GRC frameworks must evolve to keep pace with the speed and opacity of AI adoption across enterprise environments.
3 May 2026
~9 min read
Assume Breach BAS Validation
Assume Breach and Continuous Security Validation
Why pen tests and vulnerability scans are not enough. The case for continuous security validation and how Breach Attack Simulation changes the assurance model.
30 Apr 2026
~11 min read
Zero Trust Zscaler SSE
Zero Trust in Practice: Where Does Zscaler Fit Within a Modern Security Architecture?
Zero Trust is failing in many organisations not because the strategy is wrong, but because the trust model never really changed. How Zscaler SSE addresses the gap.
29 Apr 2026
~9 min read
LLM AI Governance Architecture
Public vs Private LLMs: Security, Governance and Architecture Considerations
Understanding the security and governance trade-offs between public and private LLMs, and how to adopt AI responsibly within regulated enterprise environments.
28 Apr 2026
~9 min read
SOC AI Detection
Security Operations Centres Are Evolving
How AI is transforming the SOC, enhancing detection, reducing noise, and improving response times across modern enterprise security operations.
24 Apr 2026
~8 min read
STRIDE Threat Modelling Cloud
From Threat Modelling to Threat Detection: Making STRIDE Work in Cloud Environments
A practical guide to using STRIDE in cloud environments, moving from early threat modelling to stronger threat detection and response at enterprise scale.
22 Apr 2026
~10 min read
AWS Secure by Design Architecture
Secure by Design for Consultancy-Led AWS Architecture
A practical AWS secure-by-design reference architecture for consultancy teams delivering cloud transformation programmes in regulated and enterprise environments.
21 Apr 2026
~8 min read
Landing Zone AWS Azure
Cloud Landing Zone Accelerators: Secure-by-Design Architectures for AWS, Azure and GCP
Most cloud projects rebuild the same foundations repeatedly. A set of landing zone accelerators to establish networking, identity, logging, and security controls from day one.
21 Apr 2026
~10 min read
AWS Azure Multi-cloud
Cloud Service Mapping: AWS vs Azure vs GCP
How core services align across AWS, Azure, and GCP covering compute, storage, networking, security, and more. Useful for multi-cloud environments and platform transitions.
16 Apr 2026
~7 min read
Cloud Security Risk AWS
Common Security Mistakes in Cloud Architecture
A practical look at common cloud security mistakes and how to avoid them, based on real-world experience designing secure AWS and enterprise cloud architectures.
15 Apr 2026
~8 min read
API Security STRIDE Threat Modelling
API Security and STRIDE Threat Modelling in Modern Architectures
An introduction to API security using STRIDE threat modelling, highlighting how to identify and mitigate risks early in the design lifecycle.
12 Apr 2026
~8 min read
AWS Landing Zone Enterprise
Designing Secure AWS Landing Zones for Enterprise
A practical overview of designing secure AWS landing zones, covering multi-account architecture, governance controls, and security guardrails for enterprise deployments.
12 Apr 2026
~9 min read
No articles match this filter.
Want these insights in your feed?
Follow on LinkedIn or Medium for new articles on cloud security, AI governance, and enterprise architecture.