Purple Teaming has become a key practice for organizations looking to assess and improve their detection and response capabilities. By bringing together offensive and defensive teams, Purple Team exercises help validate security controls, identify detection gaps, and strengthen incident response…
Category: Deep-dive
As highlighted in our previous article, Electric vehicle charging infrastructures: Energy performance and new cybersecurity challenges, charge point operators (CPOs) operate within a demanding business model, where profitability depends on their ability to drive recurring usage of their networks. In this context, user experience becomes a key…
1. AI is no longer a fantasy, it's a reality that IAM must not miss Two years ago, we asked whether artificial intelligence (AI) could represent a revolution for IAM in our article “Artificial intelligence: a revolution in IAM? -…
Electric mobility is experiencing rapid growth in France and across Europe: in January 2026, registrations of fully electric vehicles in France increased by more than 50% compared with January 2025, bringing their market share to nearly one third of total vehicle sales. This trajectory confirms a structural transformation of…
Following an initial phase focused on understanding the scope and framework of Part-IS and on drafting Information Security Management Systems (ISMS), the aviation sector has entered a new phase. In 2026, Part-IS is no longer a theoretical or purely documentary topic — it has…
Post-Quantum Cryptography (PQC) has fueled debates for years, but since the European Commission’s June 2025 communication on the PQC transition roadmap, the acceleration is undeniable. It is no longer a question of “if” but rather “when”, quantum computing will disrupt our cryptographic foundations. As the Wavestone RiskInsight article « Quantum computing and post-quantum cryptography: what strategy should companies adopt to deal with these issues? » reminds us, this subject shifts…
Audits and Red Team assessments led by Wavestone showed a stark imbalance between the maturity of on-premise infrastructure protection and the cloud deployment ones. While on-premise infrastructure are generally well identified, controlled and protected according to proven standards, their cloud…
It's time to begin the second part of our Zimbra investigation. If you haven't read the first part yet, we strongly recommend starting HERE before continuing.In this second part, we'll assume that an attacker has managed to compromise a Zimbra…
The simplest attacks are often the most effective. In most companies, webmail access portals are exposed on the internet and do not always benefit from sufficient access-control mechanisms. In addition, some messaging services offer extended features that go beyond simple…
In our previous articles of this OT cybersecurity monitoring series (Cybersecurity monitoring for OT / Cybersecurity tooling strategy), we explained the current state of OT detection capabilities and discussed the right tooling strategy. This third article focuses on a key question: how do you measure the efficiency of…
