Essays

• Runtime Security: Definition and Why It’s No Longer Optional

  Runtime security is often framed as monitoring. This essay argues it should also mean protection at execution time—preventing and containing harmful actions, especially when sensitive data exists in memory.

  2026.02.17 · 13 min read

• Granularity: The Hidden Determinant of Security Boundaries

  Encryption alone does not define security.
  This essay argues that the true determinant of breach impact is the granularity of runtime protection.

  2026.01.18 · 4 min read

• The $400 Million IDaaS Breach Lessons

  Major breaches at Microsoft, Okta, and LastPass reveal a shared failure:
  highly sensitive authentication data was exposed while in memory.
  This essay explains why per-process memory encryption must become the foundation of next-generation identity security.

  2026.01.18 · 7 min read

• The End of the MFA Myth

  Real-time phishing dismantles the MFA myth.
  If authentication relies on transferable information,
  the boundary does not exist.

  2026.01.18 · 9 min read