SecureIQLab

01/22/2026

Signature-based firewalls are dead.
But firewalls themselves? Not even close.

Modern attacks don’t need zero-days anymore.
They exploit som**hing more fundamental: the assumptions firewalls make about traffic.

Advanced Evasion Techniques (AETs) break traditional inspection models by:

Fragmenting payloads across packets

Manipulating TCP state and sequence numbers

Splicing sessions byte-by-byte

Tunneling protocols through “trusted” channels

Hiding in plain sight with obfuscation and LoTL tactics

In cloud environments, the problem gets worse.
Firewalls built for ASICs and FPGAs are now running on general-purpose compute, facing attack volumes and east–west traffic patterns they were never designed to handle.

The result?
Security controls that fail quietly under load—while organizations assume they’re protected.

I wrote a deep dive on why static inspection models are failing, and what this means for modern firewall design:

https://secureiqlab.com/signature-based-firewalls-are-dead/

Signature-based firewalls are dead

12/16/2025

Happy to announce SecureIQLab expanding into APAC region with offices in Katmandu, Nepal

SecureIQLab Establishes APAC Office in Kathmandu, Nepal

11/14/2025

In cybersecurity, "Secure-by-Design" and "Secure-by-Default" sound similar, but they're very different.

"Secure-by-Design" is about how a product was built.

"Secure-by-Default" is about how safe it is "out of the box," without you having to do a ton of configuration.

In a 2025 WAAP study, only 2 of 11 vendors achieved both. This is a big deal, as many organizations don't fully configure their security tools, leaving gaps.

How important is "out-of-the-box" security to you?

Read the full analysis:
https://f.mtr.cool/waphalfxso

11/11/2025

SecureIQLab is happy to join as Principal Member with Mplify to help with real-world, outcome validation for its global alliance of network, cloud, cybersecurity, and enterprise organizations. If you're at GNE, drop us a line, we'll be there!

SecureIQLab joins forces with Mplify

11/04/2025

SecureIQLab is a new Mplify member! 🎉

As a leading cybersecurity validation provider, we'll help accelerate secure, scalable NaaS adoption and the AI-powered digital economy.

Alliance: .bsky.social

Details: https://hubs.li/Q03QN4DH0

Mplify is a global alliance of enterprises, service providers, data centers, cloud platforms, technology providers, and systems integrators. Join us!

11/04/2025

SecureIQLab is pleased to announce we are a new member of the Mplify Alliance community.

As an independent cybersecurity validation and advisory provider, we look forward to contributing our expertise to this global alliance of network, cloud, and enterprise organizations.

We will be collaborating with fellow members to help accelerate the AI-powered digital economy and drive the adoption of secure, trusted Network-as-a-Service (NaaS).

You can learn more about Mplify and its mission here: https://hubs.li/Q03QN4DH0

Mplify is a global alliance of enterprises, service providers, data centers, cloud platforms, technology providers, and systems integrators. Join us!

10/31/2025

How secure is your browser? Enterprise browsers aim to ratchet that up, here's how:

Your regular browser may not be secure enough for modern threats, enterprise browsers can help.

10/07/2025

AI testing, it turns out, is way harder than it looks if it's any good. Here's our take on it:

As AI overload becomes a real thing, ominous, outsized claims are becoming annoyingly de rigueur. But testing those claims against real-world frameworks and threat vectors are harder than it seems. We should know, we’re doing it. For us, this is nothing new, we’ve been working on AI testing m**h...

10/02/2025

Cloud firewalls get a (welcome) overhaul, we dive into the details of what's driving it, including micro-segmentation, IAM, east-west networking, and the ability of startups to scale with the push of a few buttons.

Cloud firewalls are usually just a cluster of virtual machines running security software in a data center somewhere. So while they operate “in the cloud”, they don’t really take advantage of the additional cloud advantages like complex network layers, small, agile containers, micro-services, a...