by valino | Jun 2, 2026 | Hacking, SIEM
The first EDR tuning review we ran in 2026 began with a frustrated CISO and a six-month-old detection platform that had not produced a single confirmed incident. The CISO assumed the vendor had oversold the product. The review showed something more uncomfortable: the...
by valino | Jun 1, 2026 | Compliance, Hacking
This is the fourth Sunday letter we have written for the executive who is reading on a quiet evening with the laptop half-closed. The previous letters addressed the questions to ask, the personal liability exposure, and the governance question of risk appetite. This...
by valino | May 30, 2026 | Compliance, Hacking
The first third-party risk breach we worked in 2026 began at a vendor most of the company had forgotten existed. The vendor supplied a small inventory reconciliation service the company had integrated four years earlier through a service account with full read access...
by valino | May 29, 2026 | Hacking, Phishing
The first credential stuffing incident we triaged in 2026 looked exactly like a healthy week of customer logins. The login success rate had risen slightly. The login volume had risen sharply. The geographic distribution had broadened. Three weeks later, a fraud...
by valino | May 28, 2026 | Hacking, SIEM
The first detection engineering maturity assessment we ran in 2026 produced a result that surprised the CISO and ultimately reshaped the program. The SOC had 4,712 detection rules in production. Of those, 312 had fired in the previous twelve months. Of those 312, only...
