Vectra blog
Shorter, punchier pieces from Vectra engineers, analysts and consultants. Operational write-ups, opinion pieces and the occasional rant about cyber theatre.
-
Opinion
"Essential Eight ML3" is not a sticker on a box
Why a handful of ticked controls doesn't buy you maturity - and what ML3 actually demands in practice.
6 min read Read -
Advisory
What we keep seeing in Australian M&A due diligence
Patterns from 40+ cyber due-diligence engagements: the risks buyers miss, the risks sellers under-declare, and what actually matters at close.
8 min read Read -
Operations
Why we measure MTTD in seconds, not minutes
The operational discipline behind a sub-60-second mean-time-to-detect metric - and why it's the only MTTD that actually matters for prevention.
7 min read Read -
Platform
Sovereignty is a data-plane problem, not a marketing one
What "sovereign Australian SOC" actually means when you unpack data residency, personnel residency and legal residency separately.
5 min read Read -
Opinion
Cheaper red teams are not better red teams
Why scoping a red team on hours-of-effort is the quickest route to an expensive engagement that doesn't actually test your defences.
6 min read Read
Security, engineered around you.
Talk to an engineer - not a call centre. Most Vectra conversations start with a 30-minute technical briefing and end with a written plan.