Cybersecurity Blog
Insights, technical guides and analysis from the Secra team on the latest cybersecurity threats and trends.
Penetration Testing Pricing in Spain: What Drives the Cost
What actually drives the cost of a penetration test in Spain: scope, methodology depth, compliance, retest, hourly profile and red flags in low quotes.
How to Avoid Phishing: Practical 2026 Guide for Businesses
How to avoid phishing in 2026: signs to recognise it, technical measures (MFA, DMARC, email filter) and response plan if you've fallen for one.
IaaS, PaaS and SaaS: Differences and Security Model
Differences between IaaS, PaaS and SaaS with real examples, shared responsibility model and which security risks the client takes on each model.
Penetration Testing vs Red Team: Differences and When to Use
Pentesting vs Red Team explained in depth: objective, scope, duration, profile, fit with NIS2 and DORA. How to decide which one your company needs and when.
SIEM vs SOAR vs XDR: Differences and How to Combine
SIEM, SOAR and XDR explained with clear differences: what each does, where they overlap, when to choose one or another and how to combine them.
Systems and Network Hardening: Frameworks and Practice
What systems and network hardening is: definition, CIS and NIST frameworks, hardening as code, common mistakes and fit with ENS, NIS2 and ISO 27001.
What Is a Backup: Types, 3-2-1 Rule and Business Strategy
What a backup is, types (full, incremental, differential), the 3-2-1 rule, differences with disaster recovery and how to verify copies actually work.
Watering Hole Attack: What It Is, How It Works and Cases
What a watering hole attack is: definition, how it works, real cases like Council on Foreign Relations and Polish banking, and how to defend.
What Is Blue Team: Functions and Red Team Comparison
What the Blue Team is in cybersecurity: functions, tools, MTTD and MTTR metrics, differences with Red Team and Purple Team, and when you need it.