Author: Nikhil
The Zero Trust Network Security (ZTNS) software is an essential part of almost all security stacks now. However, like all other security technologies, this is also an eternal battle between the red/black and white hats. So, the products need to be updated to be able to successfully face the latest types of threats. But the security landscape is not the only factor changing dynamically. Zero Trust’s very definition expands every year, from network segmentation (2019–21) to identity-driven access (2022–23), to full-stack “trust orchestration” (2024–25). Vendors also keep updating products to enhance the threat-fighting capabilities. A yearly comparison shows how analysts…
In battles, innovation matters. The Mongol cavalry, led by Genghis Khan, was highly effective because of various strategies and tools, like the composite bow and rotating horses. What is true for attack is also true for defense. However, even these innovations can fail against an outnumbered enemy that is implementing a proper strategy with far fewer resources. So why are we starting off a blog about SOC modernization and financial realities? Because the current threat landscape is nothing short of a war between two sides that are consistently trying to find innovations to defeat the other, and only one…
Endpoints remain a popular attack vector. Factors like the proliferation of IoT devices and trends like remote work and work from home have destroyed the traditional idea of a perimeter. This has made endpoint hardening a primary need to maintain and improve your enterprise’s security posture. Operational Measures: Anything that needs to be implemented across an enterprise should necessarily begin at the operational level. Operational discipline ensures that whatever controls an organization can already enforce are fully enabled, integrated, and continuously enforced. While tooling is abundant, attackers generally succeed because of inconsistency, not invisibility. 1. Enforcing patch compliance: Most enterprises have a…
To paraphrase Mark Twain, the reports of the impending death of SD-WAN following the rise of hybrid/remote work have been exaggerated. Its ability to connect distributed infrastructure, enable direct, intelligent cloud connections, and provide network visibility ensures the technology remains popular, and it has adapted to include provisions like zero trust and next-generation firewalls. The second technology we are talking about here, edge networking, helps provide better internet speeds by coming closer to the point of origin of the data, and has many other benefits. Thus, the integration of these two technologies makes sense. SD-WAN helps distributed workplaces to centralize control…
Vibe or AI-assisted coding is the “in” thing right now. It is clear why. First and foremost, AI models have now improved to the extent of producing workable code. Consequently, AI can allow faster coding, which means a shortened development life cycle and quicker time to market. Unlike the parable, the markets favor the hare, not the tortoise. Lastly, it allows people with less coding experience to generate production-level code. Unfortunately, since it uses LLMs, it is as much of a minefield as GenAI outputs. First and foremost, since developers are not developing code from scratch…
Going by their ubiquity, we can safely say that the API economy is booming. The APIs allow systems to connect rapidly and seamlessly. This ability has enabled collaboration between companies, developers, and consumers and created new opportunities for innovation, efficiency, and revenue generation. The ability has also made APIs a target for bad actors. A compromised API provides various “benefits,” including access to sensitive data and logic, and access to even more APIs, expanding the attack surface exponentially. That brings us to the point: How secure are your APIs, really, and how quickly can we do an API risk audit…
How does the idiom go? If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck, right? Well, it is not strictly true. The cybersecurity domain provides plenty of such examples. One is JSON Web Tokens (JWTs). The idiom, in this case, goes: If it looks unencrypted, contains something resembling encrypted gibberish, it may very well not be encrypted. And considering JWTs are basically tokens that ensure access to all types of data, it is not hard to understand why they can be a lucrative asset for any bad actor.…
Technology is a funny thing. It can create and destroy. The starkest example of this duality is nuclear technology. It was used to annihilate more than 200,000 people in Hiroshima and Nagasaki. Nuclear weapons continue to pose a grave threat to mankind. The same technology is also used to generate electricity. A similar situation exists in the cybersecurity sector, where a lot of technology is used both to secure systems and to compromise them. The first (and the most obvious) candidate is Artificial Intelligence/Machine Learning (AI/ML), including Agentic AI, which we have discussed here. Let us look at some other dual-use…
Privileged access is a double-edged sword. In the right hands, it helps modern enterprises stay functional; in the wrong hands, it can be used to bring company operations to a grinding halt. Securing access to privileged accounts is a critical process. The market continues to grow, driven by factors like rising breaches through privileged credentials, expansion of cloud and SaaS workloads requiring new privilege models, regulatory pressure, and a surge in identity/security budgets. Let us look at the likely market trends in 2026. AI/ML incorporation: This one is really a no-brainer, considering the technology being…
The world runs on the cloud. One outage can create a lot of havoc. However, an outage is not the only situation likely caused by humans. The second, and worse, situation is problems arising out of misconfiguration. Why do the issues with configuration arise in the first place? The biggest reason is that the network environment is getting increasingly complex. The increasing number of interconnected systems means increased use of APIs, which are not always properly documented. This lack of visibility leaves the door wide open for the bad actors to barge in. OAuth tokens are another precious resource, as…