Insights
Field notes from AHAT
Explainer-style writing on the topics that come up most often in scoping calls — MTCIT accreditation, Oman data residency, 24/7 SOC operations, and the underlying technology. Written by the AHAT team.
MTCIT accreditation for security assessment providers in Oman: what it means and how to verify it
If you are scoping a security assessment, penetration test, or compliance engagement in Oman, the first filter is whether the provider is MTCIT-accredited. Here is what that actually means.
Data residency in Oman: Azure regions, on-prem, and what the TRA Telecom Services Licence covers
Government and financial-sector buyers in Oman routinely ask: can my data stay inside the Sultanate? The honest answer is 'yes, with a few options'. Here is what each one looks like.
What a 24/7 SOC actually delivers (MITRE ATT&CK, SIEM, XDR explained)
Most explanations of a 24/7 SOC describe what is in it (analysts, screens, dashboards). This one describes what it delivers — and what SIEM, XDR, and MITRE ATT&CK actually do behind the dashboards.