Threat intelligence, NIS2 compliance, and deception security, written for practitioners.
NIS2 is no longer a future deadline. The directive has applied since October 2024, national implementation is moving country by country, and customers are starting to ask for proof of detection and incident response. Here is what that means for your company.
Article 23 creates a 24-hour early-warning duty after awareness of a significant incident. But many SIEM stacks still miss honeytoken-grade signals because nobody built a rule for the trap nobody planted.
In May 2026, attackers secretly infected 42 popular developer tools used by thousands of companies worldwide. In six minutes, they stole AWS credentials, passwords, and private keys from every machine that had those tools installed. Here's what happened, why your security software missed it, and the one thing that would have stopped it cold.
Timing variance, path-optimality, and the things that give an LLM agent away when it walks into your bait.
Reversible by design. The engineering decisions behind containment that fires automatically and never paints you into a corner.
A single URL beacon planted in a wiki page surfaced an exfiltration chain that had been in motion for nine days.
We map every Vantuz trip back to ATT&CK in the dossier. Here's how we decided which techniques apply.
GDPR by design isn't a clause in a DPA. It's where the bits actually move.
