Origin Story

The Breach That Never Happened started from a recurring pattern seen across years of penetration testing and security engineering work.

Companies would bring in testers after a breach, after a compliance deadline, or after customers demanded proof of security. Almost every time, the vulnerabilities discovered were not sophisticated zero-days or nation-state techniques. They were small misconfigurations, excessive permissions, forgotten systems, or simple architectural oversights that had quietly accumulated over time.

In many cases, those weaknesses were discovered just in time, before attackers found them. A single permission removed, a configuration corrected, or a service isolated prevented what could have become a major incident.

Those near-misses rarely get documented. Only successful breaches make headlines.

This newsletter documents the other side: the incidents that could have happened but didn’t, because someone found the issue in time.

Each issue walks through how a vulnerability could have been exploited, what the real-world impact would have looked like, and what changes prevented the breach.

The goal is simple: make real security failures understandable, and show how preventable most breaches actually are.

Author

The newsletter is written by Cariel Cohen.

Cariel is the Co-Founder and CTO of Penti, where he leads the development of agentic penetration testing systems designed to continuously discover and validate real exploit paths across modern infrastructure.

Over more than two decades, Cariel has built and led engineering and security teams across cloud infrastructure, SaaS platforms, and enterprise environments. His experience spans application development, platform architecture, compliance programs, and large-scale cloud security, including roles building and securing production systems used by startups and large organizations alike.

His work today focuses on translating real attacker behavior into repeatable testing and remediation workflows, helping organizations identify risks early and resolve them before they turn into incidents.

Contact

Questions about the newsletter or its content can be sent via LinkedIn. Replies may take time, but all inquiries are reviewed.