The Blog & Articles stream is where we unpack bigger questions: how modern attacks reshape risk, what “good” looks like in cloud-heavy environments, and how to make security a durable part of how your organization operates — not an annual panic.
Many articles begin as Labs research, client questions, and talk topics — then evolve into reference pieces teams return to during planning and reviews.
We write for people who have to convince others, not just configure things themselves. Articles focus on connecting technical realities to risk, resilience, and tradeoffs your organization actually faces.
Long-form paths from initial access to impact, with specific notes on where different controls, designs, or processes would have changed the outcome.
Articles on building and evolving security programs: prioritization, measurement, communication with leadership, and navigating constraints.
Deep dives on the defensive reality of Microsoft 365, Entra ID, Google Workspace, and SaaS-heavy environments.
The best use of longer-form writing is as a shared reference. Many clients weave articles into planning, reviews, and leadership conversations as neutral, thoughtful context.
Share an article before a roadmap, budget, or strategy session so everyone comes in with a baseline understanding and shared vocabulary.
Instead of one-off “security awareness” talks, drip articles to leadership, IT, and adjacent teams that deepen their understanding over time.
Use examples, metaphors, and structures from articles when explaining risk, controls, and roadmap decisions to non-security audiences.
We’re not aiming to be a news feed. Articles come out when we have something to say that holds up beyond this week’s headline and is worth revisiting later.