How to Run a Technical Discovery Call for Security Deals
A structured guide for Solutions Engineers on running technical discovery calls for cybersecurity deals — 5-phase framework, 25 must-ask questions, and …
Posts
S3 Bucket Breach: One Misconfigured Permission, Millions of Records Leaked
How a single misconfigured S3 permission exposed millions of records. Real breaches, AWS CLI enumeration commands, CloudTrail detection, and hardening playbook.
Apache ActiveMQ CVE-2026-34197 Exploited in the Wild — ZionSiphon ICS Malware and Sapphire Sleet macOS Campaign
CVE-2026-34197 ActiveMQ RCE added to CISA KEV, ZionSiphon targets water ICS/OT, Sapphire Sleet hits macOS via ClickFix
Firmware Rootkit: The Malware That Survives a Full OS Reinstall
Technical analysis of UEFI/firmware rootkits: LoJax, MoonBounce, CosmicStrand, and BlackLotus. Detection with chipsec, TPM attestation, and Secure Boot …
Security Compliance Cheat Sheet: NIST, ISO 27001, SOC 2, PCI DSS
Quick-reference comparison of NIST CSF, ISO 27001, SOC 2, and PCI DSS for Solutions Engineers — decision tree, framework breakdowns, and real pre-sales …
SIEM Replacement: How Agentic AI Changes Security Operations
In 2022, the median time between initial access and the secondary threat hand-off was 8 hours. At RSAC 2026, Mandiant put the new number on the main stage: 22 s
BGP Hijacking: How Attackers Reroute the Internet Itself
Deep dive into BGP hijacking mechanics, real incidents including the 2018 AWS Route 53 attack, RPKI/ROA validation, BGPStream monitoring, and prefix filtering …
Cisco ISE and Webex RCE Flaws Patched — CVE-2026-20184, nginx-ui Exploited, SAP CVSS 9.9
Cisco patches CVE-2026-20184 in ISE/Webex, nginx-ui CVE-2026-33032 exploited in the wild, SAP CVSS 9.9 SQL injection, PowMix botnet exposed
How to Whiteboard a Zero Trust Architecture in 10 Minutes
Step-by-step guide for Solutions Engineers to whiteboard a Zero Trust Architecture in customer meetings — the 5 pillars, drawing sequence, and vertical-specific …
Microsoft April 2026 Patch Tuesday: 167 Fixes, Exploited SharePoint Zero-Day CVE-2026-32201, and n8n Phishing Abuse
Microsoft patches 167 flaws including exploited CVE-2026-32201 SharePoint zero-day. n8n phishing abuse, fake Ledger app, Mirax RAT proxy botnet.