by valino | May 28, 2026 | Hacking, SIEM
The first detection engineering maturity assessment we ran in 2026 produced a result that surprised the CISO and ultimately reshaped the program. The SOC had 4,712 detection rules in production. Of those, 312 had fired in the previous twelve months. Of those 312, only...
by valino | May 27, 2026 | Hacking, Compliance
The most expensive backup recovery failure we triaged in 2026 was caused by a recovery procedure that had not been tested under load since 2021. The backups themselves were intact. The encryption keys were available. The storage tier was online. The recovery script,...
by valino | May 26, 2026 | Hacking, Compliance
The most damaging insider threat case we worked in 2026 was not malicious. It was a senior engineer, two weeks before voluntarily leaving a company, who copied a folder of design documents to a personal cloud account because he wanted to remember what he had built. He...
by valino | May 25, 2026 | Hacking, Compliance
The most useful zero trust implementation we have audited in 2026 took six years and produced an environment in which a compromised laptop could not, by itself, reach any production system. The least useful zero-trust implementation we have audited took eighteen...
by valino | May 25, 2026 | Hacking, Compliance
This is the third Sunday letter we have written for the executive who is reading on a quiet evening with the laptop half-closed. The first focused on the questions to ask. The second focused on personal liability. This one focuses on the question that quietly governs...
