Notes on identity, AI security, and the practice of building software.
I'm Deepak Gupta, a founder and cybersecurity architect writing about the gaps between the categories everyone talks about and the categories that actually matter.
- 1B+
- users (CIAM)
- 5
- patents
- 15+
- yrs in identity & security
Featured writing
The pieces that capture what I think about most.

Billions in Fines, Barely a Bruise: What Big Tech Penalties Really Mean for Your Privacy
Every few months another tech giant is fined hundreds of millions for violating your privacy. The numbers are enormous, the violations keep accelerating, and the math explains why: the penalties cost far less than compliance. Here is what they really mean, and what you can actually do.
Read the essay- GEO
Crawl Budget Is Now an AI Visibility Problem
Crawl budget is no longer a technical SEO footnote. Google's AI surfaces draw from the same Search index as the blue links, so whether you appear in an AI answer reduces to whether Google crawled, indexed, and kept your pages fresh.
- GEO
GEO Is a Product Discipline, Not a Marketing One
The entire GEO industry treats AI visibility as a marketing problem: track citations, optimize content, report share of voice. That framing is why most GEO programs plateau. The deeper truth is that GEO is a product discipline, and the teams winning at it have figured that out.
- Machine Identity
Top Non-Human Identity (NHI) Management Tools for 2026
The leading non-human identity (NHI) management tools for 2026, compared by job: discovery and posture, secrets management, machine identity, and workload identity.
- GEO
The AEO Strategy Playbook for 2026: Homepage Schema, Content Patterns, and an Experimentation Roadmap
A practical AEO playbook for 2026: how Answer Engine Optimization differs from SEO and GEO, the homepage and entity schema that makes a brand citable, the content patterns AI answer engines quote, and an experimentation roadmap to measure citation share.
- GEO
Why GEO Has to Be Vertical (When SEO Never Was)
SEO became a horizontal layer because its substrate was uniform: one ranking algorithm, one signal set, one results format. GEO can't collapse that way. Here is the architectural reason.
- cybersecurity
I Spent a Decade Building a Password Company. Here's Why I'd Tell You to Kill Yours
I spent ten years engineering, scaling, and defending password-based authentication for a CIAM platform that grew to a billion users.
- CIAM
The Future of CIAM: Why Legacy Identity Systems Are Dead (And What Replaces Them)
The CIAM platform that got you to 1 million users won't get you to 10 million AI agents.
- passwordless
The Complete Guide to Passwordless Authentication in 2026: How It Works, Why It Matters, and How to Implement It
Passwords are responsible for 80% of data breaches. Passwordless authentication eliminates the attack surface entirely.
- CIAM
What Is CIAM? A Complete Guide to Customer Identity and Access Management in 2026
CIAM is the technology layer that decides how your customers log in, what they can access, and how their data is protected.
- AI (Artificial Intelligence)
Stop Optimizing for Google. Start Optimizing for AI That Actually Answers Questions.
AI answer engines changed the game. It's no longer about ranking #1, it's about being cited in AI-generated responses.
- Machine Identity
The Identity Crisis No One's Talking About: How AI Agents and Vibe Coding Are Rewriting the Rules of Digital Security
Your IAM strategy is obsolete. Organizations now manage 96 machine identities per human, AI agents make autonomous decisions at scale, and 45% of
- AI (Artificial Intelligence)
MCP, RAG, and ACP: A Comparative Analysis in Artificial Intelligence
Discover how three emerging AI protocols are reshaping future of technology. This analysis reveals how MCP, RAG, and ACP can be strategically combined to
Recently published
What landed on the blog this past week.
· OpinionAmerica at 250: The Best Place to Build What Doesn't Exist Yet
America turns 250, and it is still the best place to build something the market has no words for yet. A founder's reflection on a career spent doing exactly that.
· GEODocumentation Is Your Most Underrated GEO Asset
When a buyer asks an AI engine whether your product supports something, the answer often gets grounded in your documentation, not your marketing. Most companies treat docs as a cost center. In the AI search era, your documentation is one of the highest-value visibility assets you own.
· Password HashingIs PBKDF2 Deprecated? What Developers Should Use in 2026
PBKDF2 is not deprecated, but it is no longer the recommended default for new systems. Here is the honest, practical answer for developers: when PBKDF2 is still acceptable, when you should reach for Argon2id instead, and how to decide for your system.
Predictions & Postmortems
Two opinionated portals. Predictions worth betting on, and obituaries for the technology that defined us.
Passwordless Everything by 2030
Prediction · 2030By 2030, no top-1000 consumer app accepts a password as a primary factor. The 60-year-old interaction model is over.
Ten verifiable bets on what comes next
10 predictionsConcrete predictions with timelines and disruption scores. Each has a falsifiable first-signal evidence trail.
The Password (1961 to Dying)
ObituaryBorn at MIT in 1961, killed by passkeys in 2024. The autopsy of the most successful bad idea in computing history.
Ten obituaries for technologies that died
10 obituariesEach one tells the story of what killed it, what it took with it, and what we should have known earlier.
Go deeper
Long-form research pillars, opinionated tool comparisons, and long-form free guides. Pick the depth that matches the question.
- ResearchPillar · 13 min
The AI Security Stack of 2026
The five layers of AI security (Governance, Red Teaming, MLSecOps, Threat Detection, Agentic Defense) and what to build first.
Read more - ResearchPillar · 16 min
Application Security 101
SAST, DAST, IAST, ASPM, SCA: how the modern AppSec stack actually fits together and where to start.
Read more - Tools10 vendors compared
Top 10 PAM Solutions for 2026
CyberArk, Delinea, BeyondTrust, and the rest. Enterprise privileged access management compared with honest weaknesses.
Read more - Tools5 platforms compared
Top 5 SASE Platforms for 2026
Zscaler, Palo Alto, Netskope, Cato, Cisco. Converged SD-WAN + Zero Trust security from one cloud edge.
Read more - E-bookFree · No email gate
The AI Search Visibility Guide
How AEO and GEO actually work, what AI engines reward, and the playbook to get your company cited by ChatGPT, Perplexity, Claude, and Gemini.
Read more
Free security & privacy tools
Interactive tools I built and use myself, for data-broker exposure, passwords, and cryptographic hashing. Each one runs entirely in your browser: nothing leaves your device, no signup, no tracking.
- PrivacyFree
Data exposure check
An honest, browser-only read of your data-broker exposure, with a real opt-out plan. No data leaves your device, no signup.
Open tool - PrivacyFree
Password strength & breach check
Check a password's real entropy and crack time, and whether it has leaked in known breaches, all in your browser. Your password never leaves the device.
Open tool - PasswordsFree
AI password generator
Generate strong, memorable passwords with entropy hints. Runs in your browser, no tracking, no signup.
Open tool
Discover more
Three more directories worth a slow browse.
- Podcasts
A directory with opinions
Hand-curated technology, AI, cybersecurity, and B2B SaaS podcasts. Every show has a real editorial take. No SEO chaff.
Browse podcasts - Books
An editorial reading list
What each book actually teaches, who it's for, and who it isn't. Curated, not algorithmic.
Browse books - Startup Offers
Founder-only credits & discounts
The mapped directory of every major startup credit program, with stage gates and application sequences that actually work.
Browse startup offers