GIT GRC Hub
All topics

Topic

Cybersecurity

Threats, controls, detection, and red team walkthroughs from the field.

regreSSHion, xz-utils, and the year Linux supply-chain bugs got real — a defender's field guide
Cybersecurity·11 min

regreSSHion, xz-utils, and the year Linux supply-chain bugs got real — a defender's field guide

Two of the most consequential Linux vulnerabilities of the modern era hit within four months of each other. What actually happened, why your patching cadence almost certainly missed one of them, and the five-minute defender's checklist to run today.

Read
VAPT 101: from recon to a reportable finding
VAPT & Red Team·9 min

VAPT 101: from recon to a reportable finding

The end-to-end workflow of a black-box web app pen test, and what makes a finding survive client pushback.

Read
Detecting privilege escalation in Azure: an audit-first walkthrough
Cloud Security·12 min

Detecting privilege escalation in Azure: an audit-first walkthrough

How to find the four most common Azure privilege-escalation paths during an internal audit, before the red team does.

Read
Using LLMs to triage vulnerability scan output: risks and guardrails
AI for Security·10 min

Using LLMs to triage vulnerability scan output: risks and guardrails

A practical pattern for letting an LLM pre-rank Nessus or Tenable findings without inventing severity.

Read

Other topics

Internal AuditGRCISO StandardsAccounting