Articles

Identity-to-data security thinking.

Notes on Identity Progression Attacks, lateral movement, and why cloud security needs to model movement toward sensitive data.

2026-05-20 5 min read

Assume credentials will leak. Detect movement toward data

Why the CISA credential exposure is a reminder to monitor valid identity activity as it moves toward sensitive data.

2026-05-19 5 min read

What APRA's AI letter means for Australian security leaders

Why APRA's AI letter makes AI security an operational-resilience question for regulated Australian organisations.

2026-05-14 5 min read

What the Canvas breach says about SaaS blast radius

Why SaaS breach response needs to answer what an attacker could reach before the final scope is confirmed.

2026-05-05 5 min read

The real breach starts before attackers exfiltrate data

Why security teams need to detect attacker progression before confirmed data loss.

2026-05-04 7 min read

What are Identity Progression Attacks?

A practical definition of Identity Progression Attacks and why defenders need to detect movement from foothold to high-value target.

2026-04-01 5 min read

Supply chain attacks are a credential theft problem

Why software supply chain compromises often become fast-moving identity-to-data attacks once credentials are stolen.

2026-03-04 4 min read

Why we're building vec0

Why vec0 models attacker progression through identities, permissions, and systems as paths toward sensitive data.