What we're about

The stuff nobody's watching — so you can.

Quiet Failures is security for people who never signed up to do security — SMEs and agencies that run real infrastructure but have never treated it as their job. The things that hurt these companies are rarely dramatic. They're quiet: a secret leaking in a repo, an OAuth grant nobody revoked, an SPF record one lookup away from failing in silence, a "best practice" that quietly stopped being true. Nothing is on fire — which is exactly why no one looks.

It's a free weekly teardown, and the spine of everything we do. Every week it takes apart one real, fixable thing — config tear-downs, access and identity, app-sec basics, the odd myth worth busting — always the same way: what's broken, how to check it yourself in about ten minutes, and how to close it for good. Enterprise-grade security, sized for a team that can't afford one. Most issues sell nothing. That's deliberate: the point is to be genuinely useful whether or not you ever buy a thing.

Quiet Failures is published by Quesvox, which also makes the free tools and products underneath — DomainOps for domain, DNS and certificate posture, and AuthScope for OAuth and access hygiene. They automate the checks you'd otherwise have to remember to run. But the manual check always comes first, and it always costs nothing.

We practise what we preach: our own email authentication, monitoring and access hygiene are held to the same standard we write about. If we can't get it right, we've no business telling you how.

Quiet Failures, from Quesvox

Find the risk before it finds you.

Join the people running their own posture checks every week — with no security team and ten spare minutes.

Check your inbox — confirm and you're in. First issue: The OAuth grant nobody revoked.

Free · one issue a week · no pitch · unsubscribe anytime