SecOps – MOBS Bangladesh

PASTA – Process for Attack Simulation and Threat Analysis in the SOC

August 14, 2025 Shuvro

Reading Time: 4 minutesThis document outlines the PASTA-SOC framework, a structured methodology to evolve a Security Operations Center (SOC) from a reactive to a proactive, threat-informed defense model. It operationalizes the seven stages of the Process for Attack Simulation and Threat Analysis (PASTA) by integrating its business-centric principles with the tactical capabilities of modern security technologies, primarily Breach and Attack Simulation (BAS), Threat Intelligence Platforms (TIPs), and Security Orchestration, Automation, and Response (SOAR).

Build a Service-Based Security Resourcing Plan

August 6, 2025August 6, 2025 Shuvro

Reading Time: 3 minutesThis document provides a comprehensive blueprint for transitioning from a traditional, in-house security model to a strategic, agile, and value-aligned service-based paradigm.

ASPM – Application Security Posture Management in the Enterprise

August 3, 2025August 3, 2025 Shuvro

Reading Time: 4 minutesStatus: Final Blueprint Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: June 3, 2024 Location: Dhaka, Bangladesh Version: 1.0 Executive Summary Application Security Posture Management (ASPM) represents a strategic shift from fragmented, reactive vulnerability management Read More …

Auditor Became CISSP – Never Performed in Projects & in IS Development, Would You Hire Him for Your Infrastructure Platform Management? Can or Should that Knowledge Gap be Admissible?

August 1, 2025August 1, 2025 Shuvro

Reading Time: 6 minutesStatus: Final Blueprint (Summary) Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: June 1, 2024 Location: Dhaka, Bangladesh Version: 1.0 1. The Core Dilemma: Assessor vs. Builder Mindset We are observing worldwide adoption on CISSP Read More …

Critically Define the Role of a Cybersecurity Architect

August 1, 2025 Shuvro

Reading Time: 4 minutesStatus: Final Blueprint Summary Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: March 1, 2022 Location: Dhaka, Bangladesh Version: 1.0 Part I: Foundational Blueprint Defining the Modern Architect: Beyond the Job Description The Cybersecurity Architect Read More …

Multi-Cloud Security in the Enterprise

July 27, 2025 Shuvro

Reading Time: 3 minutesThe modern enterprise operates in a multi-cloud reality. However, this state is often reached “accidentally” through uncoordinated business decisions, leading to a fragmented and dangerously complex security posture.

Automate Detection and Response to Website Defacement Attacks in Azure, AWS & GCP

July 27, 2025July 27, 2025 Shuvro

Reading Time: 4 minutesStatus: Final Blueprint Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: July 26, 2024 Location: Dhaka, Bangladesh Version: 1.0 Executive Summary Website defacement is a critical security breach that inflicts significant reputational and financial damage. Read More …

S	M	T	W	T	F	S
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30