Lab notebook
In-depth analyses of malware samples, technique deep-dives, and lab notes from the field. Long-form, technical, no fluff.
148 articles across all categories — page 10 of 17
The five tool categories that form the cloud security toolchain — what each does, where it sits in the stack, and which open-source tools you can use to build a capable security programme without enterprise budget.
How cloud pentesting differs from traditional network penetration testing, the six-phase cloud pentest methodology, the five patterns found in almost every cloud engagement, and how to structure a cloud pentest report.
Symmetric vs. asymmetric encryption, AES operating modes in cloud platforms, envelope encryption as the cloud standard, encrypting data across all three states, and the post-quantum cryptographic standards NIST finalised in 2024.
How the certificate trust hierarchy works, the complete PKI lifecycle from issuance to revocation, cloud-native PKI services, and the key management practices that determine whether your encryption controls actually hold.
Three techniques for protecting sensitive data in cloud environments — when to redact, when to tokenize, and when to obfuscate — with honest assessments of the limits of each approach.
How cloud IAM works at the level of subjects, actions, resources, and conditions — comparing RBAC, ABAC, and JIT access — and the access control mistakes that appear in almost every cloud audit.
Public, private, community, hybrid — and who is actually responsible for what. The shared responsibility model is the contract that defines cloud security obligations for every workload.
Regions, availability zones, control planes, defence in depth, Zero Trust, Type-1 and Type-2 hypervisors, hardware-assisted virtualization, and why containers are not VMs — the architectural layer that cloud security sits on top of.
Comparing AWS, Azure, and GCP across compute, storage, and identity primitives — and understanding NIC MeghRaj and Indian data sovereignty requirements that shape every cloud deployment in India.