What the FortiGate CIS benchmark actually catches (and what it doesn't)
A side-by-side of what the deterministic CIS pass leaves on the table — and what the AI overlay surfaces in the same config.
Cyber Risk Assessment Platform
Field Notes
Aggregated, anonymised findings from RiskInnovate audit engagements — falsifiable methodologies, attack chains we keep seeing, and what good remediation actually looks like in production.
Coming Soon
We're drafting the first batch of field notes from audits delivered in 2026. Subscribe and we'll send you the opening series — no marketing follow-up, just the articles.
Aggregate findings from drift audits across mid-size AWS estates: which actions silently expand, and how attackers chain unused permissions.
Real-world prompt-injection vectors we exercise against deployed LLM applications, mapped to OWASP LLM Top 10 + MITRE ATLAS.
A 2026 snapshot of PostgreSQL authentication misconfigurations we still see in 60% of audited fleets, and how to prevent regression.
Browse our audit catalogue — every package has a public scope and the exact security domains it covers.