https://gociux.com/insights/ Practical security engineering — vulnerability management, compliance, incident response, automation. en https://gociux.com/insights/kev-epss-vulnerability-prioritization.html https://gociux.com/insights/kev-epss-vulnerability-prioritization.html Thu, 11 Jun 2026 12:00:00 GMT Around 3,000 CVEs are published every month and only a small fraction are ever exploited. How CISA KEV and EPSS turn an impossible patching backlog into a short, defensible priority list. https://gociux.com/insights/nis2-requirements-explained.html https://gociux.com/insights/nis2-requirements-explained.html Thu, 11 Jun 2026 12:00:00 GMT A practical guide to the EU NIS2 directive: who is in scope, the 24-hour and 72-hour incident reporting cascade, the ten baseline security measures, management liability, and where to start. https://gociux.com/insights/entra-id-tenant-hardening.html https://gociux.com/insights/entra-id-tenant-hardening.html Thu, 11 Jun 2026 12:00:00 GMT A field-tested Microsoft Entra ID hardening checklist: killing legacy authentication, Conditional Access done right, phishing-resistant MFA for admins, break-glass accounts, app consent, and privileged role hygiene. https://gociux.com/insights/pci-dss-logging-requirements.html https://gociux.com/insights/pci-dss-logging-requirements.html Thu, 11 Jun 2026 12:00:00 GMT A practical engineering view of PCI DSS Requirement 10 — what to log, how long to keep it, daily review, time sync, and log integrity — and how to generate the evidence continuously instead of before the audit. https://gociux.com/insights/siem-build-buy-managed.html https://gociux.com/insights/siem-build-buy-managed.html Thu, 11 Jun 2026 12:00:00 GMT The honest economics of SIEM: why licensing is the smaller cost, where in-house deployments stall, what managed offerings trade away, and the questions that cut through vendor noise. https://gociux.com/insights/phishing-response-microsoft-365.html https://gociux.com/insights/phishing-response-microsoft-365.html Thu, 11 Jun 2026 12:00:00 GMT A practical first-hour runbook for phishing response in Microsoft 365: scoping with message trace, purging delivered mail, blocking the wave, finding who clicked, and containing compromised accounts. https://gociux.com/insights/secrets-in-cicd-pipelines.html https://gociux.com/insights/secrets-in-cicd-pipelines.html Thu, 11 Jun 2026 12:00:00 GMT Why API keys end up in git history, the three layers of secrets scanning that actually work, what to do in the first hour after a leak, and how short-lived credentials make the whole problem smaller.