Linux Real-Time Protection Without the Fallout
Understanding the fanotify bottleneck, the 15% CPU myth, and why eBPF is not your enemy. A practical view of why Linux RTP stalls under real load and how to design flow-aware protection.
Technical deep dives, incident response stories, and practical guidance from the Command Centre IT cyber defence team.
When real-time protection turns into an RTP storm, fanotify becomes the choke point. Here's how to surgically tune exclusions, architect mounts, and eliminate unnecessary permission events — without reducing meaningful coverage.
Curated insights on managed security, incident response, and cyber defence.
Defender for Endpoint on Linux is kernel-adjacent: fanotify for real-time decisions, eBPF for behavioural detections, and a multi-process wdavdaemon architecture. Here’s how we stress test it and govern exclusions without creating blind spots.
When an energy provider’s external DNS was hijacked, customers lost access to key services. Here’s how we diagnosed, contained, and restored their communications in record time.
From AI-driven detection to real-time attack disruption, this is how we design and run modern security operations for our clients.
Scanning alone doesn’t reduce risk. We walk through how we prioritise vulnerabilities, align with business impact, and drive real remediation.
Most awareness training is forgettable. Here’s how we design sessions that staff remember—and attackers dislike.