Author: Nikhil

While we may think ransomware is a 20th-century phenomenon, it has existed in its most primitive form almost from 75 BCE. This is kidnapping of data for ransom, and the angle of physical harm and personal danger is also covered when medical facilities are targeted, as seen by the 2025 NHS breach. It has already been “democratized” by becoming available as a service, and anyone knowing the right TOR addresses can use it. And so, as a new year approaches, we must ask, will it get any better (for us), or worse (for us, again)? Let us be real, it…

While adoption of SASE is accelerating across all sectors due to a variety of reasons, their approach to solve their clients’ network architecture is not the same across the aisle. Some vendors like Fortinet and Cisco have evolved from security and networking backgrounds, while vendors like Cato Networks began as pure SASE vendors. This background is critical in influencing customers’ choice between consolidation with one provider and composing a stack from several. There is a rising trend towards opting for a single vendor rather than compiling a stack through procurements from various vendors. Let us see what factors are influencing this…

Digitalized healthcare provides numerous benefits. These include improved patient outcomes through personalized care, enhanced access to services via telemedicine, and increased efficiency in healthcare delivery. These technologies also help reduce costs and empower patients to take control of their health. However, the benefits are also offset by the very nature of its connected nature, which opens it to a large type of threats. In this case, the threats can easily turn life-threatening. This comparison and analysis of the Connected Medical Devices Security (CMDS) SPARK MatrixTM for 2024 and 2025 includes major vendors and their rankings as per customer impact and…

Are most of the CAPTCHAs we see today are even trying to block automation? The only users CAPTCHAs are stopping are the elderly, visually challenged, people on low-end devices, users with shaky connectivity, and non-native language speakers.

An SBOM is a comprehensive list of all the software components, dependencies, and metadata associated with an application. The SBOM functions as the inventory of all the building blocks that make up a software product. With it, organizations can better understand, manage, and secure their applications: CrowdStrike. So why has inventorying become a necessity? Because modern software supply chains have become too opaque and too fragmented for organizations to manage safely. This was because, as enterprises grew, they built, bought, and ran applications composed of hundreds or thousands of components without any clear visibility into their origins, dependencies, or vulnerabilities.…

Theoretically, it is a simple choice. It is preferable to opt for full SASE over ZTNA. If you have to choose between a full cybersecurity suite and an anti-malware software, all-around capabilities makes sense, because ZTNA is a core capability of SASE. SASE even extends security by combining ZTNA with networking (SD-WAN) and other security functions, like SWG, CASB, DLP, and FwaaS, under a single, cloud-native service fabric. But both technologies are becoming divergent choices for enterprises. Why? The technologies’ capabilities mean that some organizations will go all the way and add the entire SASE experience to their stack, while…

The Zero Trust Network Security (ZTNS) software is an essential part of almost all security stacks now. However, like all other security technologies, this is also an eternal battle between the red/black and white hats. So, the products need to be updated to be able to successfully face the latest types of threats. But the security landscape is not the only factor changing dynamically. Zero Trust’s very definition expands every year, from network segmentation (2019–21) to identity-driven access (2022–23), to full-stack “trust orchestration” (2024–25). Vendors also keep updating products to enhance the threat-fighting capabilities. A yearly comparison shows how analysts…

In battles, innovation matters. The Mongol cavalry, led by Genghis Khan, was highly effective because of various strategies and tools, like the composite bow and rotating horses. What is true for attack is also true for defense. However, even these innovations can fail against an outnumbered enemy that is implementing a proper strategy with much fewer resources. So why are we starting off a blog about SOC modernization and financial realities? Because the current threat landscape is nothing short of a war between two sides that are consistently trying to find innovations to defeat the other, and only one…

To paraphrase Mark Twain, the reports of the impending death of SD-WAN following the rise of hybrid/remote work have been exaggerated. Its ability to connect distributed infrastructure, enabling direct, intelligent cloud connection, and providing network visibility ensure the technology remains popular and has adapted to include provisions like zero trust and next-generation firewalls. The second technology we are talking about here, edge networking, helps provide better internet speeds by coming closer to the point of origin of the data, and has many other benefits. Thus, the integration of these two technologies makes sense. SD-WAN helps distributed workplaces to centralize control…

Going by their ubiquity, we can safely say that the API economy is booming. The APIs allow systems to connect rapidly and seamlessly. This ability has enabled collaboration between companies, developers, and consumers and created new opportunities for innovation, efficiency, and revenue generation. The ability has also made APIs a target for bad actors. A compromised API provides various “benefits,” including access to sensitive data and logic, and access to even more APIs, expanding the attack surface exponentially. That brings us to the point: How secure are your APIs, really, and how quickly can we do an API risk audit…