Latest posts

Detection engineering with MITRE ATT&CK and Sigma
20/05/2026
Building meaningful security detections: choosing log sources, mapping to ATT&CK, writing Sigma rules, and avoiding alert fatigue.

CVE, CVSS, EPSS, and KEV – how to prioritise vulnerabilities sensibly
20/05/2026
Understanding the scoring systems behind vulnerability prioritisation and how to combine them so you patch what actually matters.

Cloud IAM privilege escalation – how attackers move up in AWS, Azure, and GCP
20/05/2026
The most common cloud IAM misconfigurations attackers chain into full account takeover, and the controls that close them off.

API security deep dive – OAuth 2.0, OIDC, and JWT pitfalls
20/05/2026
How OAuth 2.0 and OpenID Connect actually work, the JWT pitfalls that bite even experienced teams, and a practical hardening checklist for modern APIs.

Active Directory attack paths and defences
20/05/2026
Kerberoasting, AS-REP roasting, NTLM relay, and Golden Tickets explained – plus the tiering and hardening that actually stops them.