
CVSS Is Lying to You (Sometimes on Purpose): Reading Severity Scores Like a Skeptic
By Pallavi M

Bypassing Multi-Factor Authentication: How Attackers Exploit Flawed OAuth and SSO Implementations
By Harsh Nandanwar

The Pen Test Is Dead, Long Live the Pen Test: Why Annual Audits Can't Keep Up With Weekly Deploys
By Pallavi M

SOC 2 Type II and Continuous Pentesting: Automating Your Audit Evidence for 2026
By Harsh Nandanwar

The Secrets Manager You Already Have and Aren't Using Right
By Pallavi M

Shifting Left is Broken: Why DAST Needs an AI Overhaul in Modern CI/CD Pipelines
By Harsh Nandanwar

Rate Limiting That Actually Stops Attackers, Not Just Your Own Users
By Pallavi M

CORS Is Not a Security Feature (And Other Things Your Config Is Lying About)
By Pallavi M

Alert Fatigue is a Data Problem: How "Verified PoCs" Are Saving Burned-Out SOC Teams
By Harsh Nandanwar
