{ "version": "https://jsonfeed.org/version/1.1", "title": "Manish Pandey ยท Writing", "home_page_url": "https://manishpandey.co.in/", "feed_url": "https://manishpandey.co.in/feed.json", "description": "Cybersecurity architect and researcher. 13+ years across application, infrastructure, cloud, and AI security. Writing, research, and lab notes from Bengaluru.", "icon": "https://manishpandey.co.in/apple-touch-icon.png", "favicon": "https://manishpandey.co.in/favicon.svg", "language": "en", "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in", "avatar": "https://manishpandey.co.in/apple-touch-icon.png" } ], "items": [ { "id": "https://manishpandey.co.in/why-stride-breaks-when-you-threat-model-ai-agents-and-what-to-do-instead/", "url": "https://manishpandey.co.in/why-stride-breaks-when-you-threat-model-ai-agents-and-what-to-do-instead/", "title": "Why STRIDE Breaks When You Threat Model AI Agents (And What to Do Instead)", "summary": "STRIDE was built for deterministic systems. Agentic AI breaks its core assumptions. Here is a five-zone method that actually finds EchoLeak-class attacks.", "content_text": "STRIDE was built for deterministic systems. Agentic AI breaks its core assumptions. Here is a five-zone method that actually finds EchoLeak-class attacks.", "date_published": "2026-03-24T00:00:00.000Z", "date_modified": "2026-03-24T00:00:00.000Z", "tags": [ "ai-security", "threat-modeling", "llm", "agentic-ai" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/red-teaming-generative-ai-why-language-is-the-new-exploit-vector/", "url": "https://manishpandey.co.in/red-teaming-generative-ai-why-language-is-the-new-exploit-vector/", "title": "Red Teaming Generative AI: Language as the New Exploit Vector", "summary": "Prompts are payloads. Why classical red-teaming misses LLM-native attacks, and how to design adversarial tests that surface jailbreaks, tool misuse, and goal hijack.", "content_text": "Prompts are payloads. Why classical red-teaming misses LLM-native attacks, and how to design adversarial tests that surface jailbreaks, tool misuse, and goal hijack.", "date_published": "2026-02-13T00:00:00.000Z", "date_modified": "2026-02-13T00:00:00.000Z", "tags": [ "ai-security", "red-teaming", "llm" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/how-to-fortify-iot-devices-against-hidden-cyber-threats/", "url": "https://manishpandey.co.in/how-to-fortify-iot-devices-against-hidden-cyber-threats/", "title": "How to Fortify IoT Devices Against Hidden Cyber Threats", "summary": "IoT devices fail open by default. A pragmatic checklist for hardening firmware, networks, and lifecycle management against the threats most teams overlook.", "content_text": "IoT devices fail open by default. A pragmatic checklist for hardening firmware, networks, and lifecycle management against the threats most teams overlook.", "date_published": "2025-10-11T00:00:00.000Z", "date_modified": "2025-10-11T00:00:00.000Z", "tags": [ "iot", "infrastructure-security" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/build-ironclad-ml-security-fast-maestro-framework-explained/", "url": "https://manishpandey.co.in/build-ironclad-ml-security-fast-maestro-framework-explained/", "title": "Build Ironclad ML Security Fast: MAESTRO Framework Explained", "summary": "CSA's MAESTRO framework, explained for practitioners. Layer-by-layer attack surface, control mapping, and how to apply it to your ML pipeline this week.", "content_text": "CSA's MAESTRO framework, explained for practitioners. Layer-by-layer attack surface, control mapping, and how to apply it to your ML pipeline this week.", "date_published": "2025-10-02T00:00:00.000Z", "date_modified": "2025-10-02T00:00:00.000Z", "tags": [ "ml-security", "ai-security", "frameworks" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/win-the-ai-security-battle-essential-moves-for-leaders/", "url": "https://manishpandey.co.in/win-the-ai-security-battle-essential-moves-for-leaders/", "title": "Win the AI Security Battle: Essential Moves for Leaders", "summary": "Five concrete moves security leaders should make this quarter to keep up with AI adoption, without slowing the teams shipping it.", "content_text": "Five concrete moves security leaders should make this quarter to keep up with AI adoption, without slowing the teams shipping it.", "date_published": "2025-10-02T00:00:00.000Z", "date_modified": "2025-10-02T00:00:00.000Z", "tags": [ "ai-security", "leadership", "strategy" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/elevate-cyber-defense-start-threat-modeling-now/", "url": "https://manishpandey.co.in/elevate-cyber-defense-start-threat-modeling-now/", "title": "Elevate Cyber Defense: Start Threat Modeling Now", "summary": "Why threat modeling is the highest-leverage activity in a security program, and how to start without buying tooling or hiring consultants.", "content_text": "Why threat modeling is the highest-leverage activity in a security program, and how to start without buying tooling or hiring consultants.", "date_published": "2024-08-15T00:00:00.000Z", "date_modified": "2024-08-15T00:00:00.000Z", "tags": [ "threat-modeling" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/transform-your-security-strategy-with-leading-threat-modeling-tools/", "url": "https://manishpandey.co.in/transform-your-security-strategy-with-leading-threat-modeling-tools/", "title": "Transform Your Security Strategy with Leading Threat Modeling Tools", "summary": "A practitioner's comparison of OWASP Threat Dragon, IriusRisk, Microsoft Threat Modeling Tool, and others, with concrete picks by team size and maturity.", "content_text": "A practitioner's comparison of OWASP Threat Dragon, IriusRisk, Microsoft Threat Modeling Tool, and others, with concrete picks by team size and maturity.", "date_published": "2024-06-02T00:00:00.000Z", "date_modified": "2024-06-02T00:00:00.000Z", "tags": [ "threat-modeling", "tooling" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/cyber-resilience-how-to-implement-cutting-edge-threat-modeling-techniques/", "url": "https://manishpandey.co.in/cyber-resilience-how-to-implement-cutting-edge-threat-modeling-techniques/", "title": "Cyber Resilience: How to Implement Cutting-Edge Threat Modeling Techniques", "summary": "Beyond STRIDE: attack trees, PASTA, kill chains, and how to combine them into a methodology your engineers will actually use.", "content_text": "Beyond STRIDE: attack trees, PASTA, kill chains, and how to combine them into a methodology your engineers will actually use.", "date_published": "2024-06-01T00:00:00.000Z", "date_modified": "2024-06-01T00:00:00.000Z", "tags": [ "threat-modeling", "resilience" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/advance-your-security-pentestings-critical-edge-in-iso-27001/", "url": "https://manishpandey.co.in/advance-your-security-pentestings-critical-edge-in-iso-27001/", "title": "Advance Your Security: PenTesting's Critical Edge in ISO 27001", "summary": "Where pentesting fits inside an ISO 27001 program, what auditors look for, and how to scope tests so they produce defensible evidence, not just findings.", "content_text": "Where pentesting fits inside an ISO 27001 program, what auditors look for, and how to scope tests so they produce defensible evidence, not just findings.", "date_published": "2024-02-17T00:00:00.000Z", "date_modified": "2024-02-17T00:00:00.000Z", "tags": [ "compliance", "pentesting", "iso-27001" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] }, { "id": "https://manishpandey.co.in/empower-your-security-essential-insights-into-threat-modeling/", "url": "https://manishpandey.co.in/empower-your-security-essential-insights-into-threat-modeling/", "title": "Empower Your Security: Essential Insights into Threat Modeling", "summary": "A foundational guide to threat modeling: what it is, when to do it, who should be in the room, and the seven questions every model must answer.", "content_text": "A foundational guide to threat modeling: what it is, when to do it, who should be in the room, and the seven questions every model must answer.", "date_published": "2024-01-01T00:00:00.000Z", "date_modified": "2024-01-01T00:00:00.000Z", "tags": [ "threat-modeling", "fundamentals" ], "authors": [ { "name": "Manish Pandey", "url": "https://manishpandey.co.in" } ] } ] }