Insights, threat intelligence and honest analysis from a cybersecurity executive with 23+ years defending financial institutions, critical infrastructure and enterprise environments across India and globally.
Real-time threat intelligence from CISA, The Hacker News and Krebs on Security — curated for security professionals.
Deep-dive analysis on the most critical active vulnerabilities, with context on impact and remediation.
A critical authentication bypass vulnerability in Fortinet FortiOS and FortiProxy allows remote unauthenticated attackers to gain super-admin privileges via crafted requests to the Node.js websocket module. Actively exploited in the wild targeting financial sector and critical infrastructure.
Curated security intelligence with my perspective — what matters, what doesn't, and why.
Zero Trust is no longer a future state — it's the baseline. The real challenge is legacy app integration, not the architecture itself.
Privileged access in financial services is a board-level issue. Developer access to production data is where breaches actually start.
SIEM is dead. Long live SIEM. The platforms evolve but the fundamental problem — too many alerts, too few analysts — remains unsolved without AI.
Cloud-native security tools are outpacing traditional perimeter approaches. India's financial sector needs to move faster on cloud posture management.
Recognition matters less than the work behind it. What got us here was making security a business enabler, not a blocker.
Automation catches patterns. Humans catch context. The best SOCs use both — and know when to hand off from one to the other.
5 questions. 2 minutes. Honest answer from a practitioner.
What security executives need to know — and what they don't need to panic about.
Industry engagements, keynotes and published thought leadership.
Recognised for transformative cybersecurity leadership at India's premier security summit.
Read coverage →
Selected as a speaker for one of the world's leading cybersecurity conferences in Tel Aviv.
View presentation →
Delivered insights on enterprise security transformation for senior security leaders across India.
Event details →
Mentoring early-stage cybersecurity startups on product, go-to-market and enterprise sales.
See N-CoE mentors →
Published analysis on the evolution of SIEM from log management to next-generation security operations — still relevant today.
Read the article →
Seen something suspicious? Share anonymously and contribute to the community threat picture.
Turn a security topic or observation into a polished LinkedIn post. Describe what you want to share and get a professional draft.
This site is independently maintained — no corporate backing, no sponsored content. If the threat intelligence or analysis has been valuable to you, a coffee keeps it running.
I've spent nearly two decades in cybersecurity — most of it in financial services, where the stakes are highest and the patience for security theatre is zero.
My work spans SOC transformation, zero trust architecture, privileged access management, cloud security posture and building security cultures that actually work. I've led security programs through regulatory examinations, major incidents and board-level scrutiny.
This site exists because I believe better-informed security practitioners make the entire industry safer. I write what I've lived, cite what I can verify, and flag when I'm speculating.
Whether you want to discuss a security topic, suggest content, share research or simply connect — I read every message.
Response time is typically 48–72 hours. For urgent security matters, contact your national CERT directly.