1. What This Page Covers
This Content Policy explains the standards that govern all content published on threatmanifest.com — what we publish, how we research and verify it, how errors are corrected, and what content we will never publish.
2. Editorial Independence
All content on Threat Manifest is produced independently. No advertiser, affiliate partner, sponsor, or third party has editorial influence over any article, guide, framework reference, or resource published on this site.
Affiliate relationships are disclosed in full in our Affiliate Disclosure. The existence of an affiliate programme has no bearing on whether a product is recommended, how it is reviewed, or what is written about it.
3. What We Publish
Threat Manifest publishes two categories of content:
Lane 1 — Professional GRC
Articles, guides, and framework references covering SWIFT CSP, PCI DSS, ISO 27001, IT/IS audit, and risk and governance — written for compliance professionals, auditors, and financial institution teams.
All Lane 1 content is written from direct practitioner experience. Framework versions are stated explicitly on every piece. Content reflects the author's professional interpretation and is not a substitute for a formal assessment or qualified legal advice.
Lane 2 — General Security
Practical security guidance for everyday users — covering device security, scam awareness, and privacy tools. Written in plain language for a non-specialist audience.
Lane 2 content is researched independently and reflects current best practices at the time of publication. It is not tailored to any individual's specific situation.
4. Research and Accuracy Standards
- All content is researched against primary sources — official framework documentation (SWIFT, PCI SSC, ISO, NIST), regulatory publications, and direct professional experience
- Framework version numbers and publication dates are stated on all relevant content
- Tool recommendations are based on independent evaluation — not vendor claims
- Statistics and data points are sourced and attributed where included
- Content is reviewed before publication for factual accuracy
5. Corrections Policy
We take accuracy seriously. If content on this site contains a factual error:
- Corrections are made promptly upon verification
- Material corrections are noted inline on the affected article with a correction notice and date
- The article's last-updated date is revised to reflect the correction
To report an error, contact contact@threatmanifest.com with the article URL and details of the inaccuracy.
6. Content Dating and Versioning
Cybersecurity and compliance content becomes outdated. Every article on this site carries:
- A published date
- A last-updated date where the article has been revised
- An explicit framework version where applicable (e.g. SWIFT CSCF v2025, PCI DSS v4.0.1)
Readers should check the published and last-updated dates before relying on any time-sensitive content. Framework requirements, regulatory guidance, and security best practices change. Always verify against current official sources.
7. What We Do Not Publish
Threat Manifest will not publish:
- Content that provides instructions for conducting cyberattacks, exploiting vulnerabilities, or compromising systems without authorisation
- Content that facilitates fraud, scams, or criminal activity of any kind
- Content that demeans, harasses, or targets any individual or group
- Unverified claims presented as fact
- Sponsored content or paid placements presented as independent editorial
- Personal data, private information, or confidential details about any individual or organisation
8. Use of Artificial Intelligence
AI tools may be used in the content production process — for research assistance, drafting, or structural planning. All content published on this site is reviewed, edited, and approved by the site operator before publication. We do not publish AI-generated content without substantive human review and editorial input.
Framework-specific and compliance-specific content is held to a higher standard — practitioner experience and primary source verification take precedence over AI-assisted drafts.
9. Comments and User Submissions
This site does not currently operate a public comments section. Consulting enquiries and corrections submitted via email are handled privately and are not published without explicit consent.
If a guest contribution or write-for-us programme is introduced in the future, this policy will be updated to reflect the standards applied to external submissions.
10. Linking Policy
Threat Manifest links to external sources including official documentation, regulatory bodies, tool vendors, and reference publications. External links are included because they are useful to the reader — not as endorsements of the linked site's full content or positions.
We do not participate in link exchange arrangements. Inbound links to this site are earned editorially and are not sold or traded.
11. Changes to This Policy
This Content Policy may be updated to reflect changes in how content is produced, new content categories, or new tools used in the editorial process. The effective date at the top of this page reflects the most recent update.
12. Contact
For corrections, content concerns, or questions about this policy: