All shelves

How the shelves are organised

The ScruteX Knowledge Base is divided into six shelves that mirror how mature security teams actually split their work. Each shelf is a self-contained body of articles covering one operational area, and each article inside it is written to stand on its own — you should be able to read any single book without needing to read everything else first.

Attack Surface Management covers everything visible to the public internet: exposed services, certificates, dangling subdomains, outdated web technologies, and the discovery techniques that turn a sprawling, poorly-tracked estate into a monitored inventory. Data Exposure and the Dark Web covers the lifecycle of leaked data — how stealer logs are produced, how breached credentials end up on Telegram, how source code leaks happen, and where defenders should be looking. Brand Protection covers impersonation: typosquatting, homograph domains, fake mobile apps, and imposter social profiles, with practical notes on how takedowns actually get done.

Threat Intelligence covers the actor side: who is targeting whom, how zero-days move through disclosure and exploitation, how initial access brokers monetise their work, and the AI/LLM-specific risks that have emerged in the last two years. Vendor & Supply Chain covers third-party risk: SBOM, SCA, software supply chain attacks like SolarWinds and 3CX, and the regulatory pressure (DORA, NIS2, SOCI) that is reshaping vendor due diligence. Security Operations covers how all of the above gets run as a programme: CTEM, threat hunting, incident response, MITRE ATT&CK mapping, and risk scoring approaches that move beyond raw CVSS.

Articles cross-link between shelves wherever it makes sense, and the glossary sits alongside as a quick-reference for acronyms and recurring terminology. If you are not sure where to start, the shelves below show how many articles each currently contains.