I’m NOT on Instagram

I just learnt someone took over the IG handle I use online on various social media platforms "thedawidbalut", so wanted to alert you that this isn't me. I deleted my Instagram account sometime in 2020 and have zero intentions of ever using the platform again.I already reported the account to IG Abuse as impersonation but … Continue reading I’m NOT on Instagram →

Rozmowa Kontrolowana #95

Czym jest ten słynny DevSecOps? Kogo zatrudniają działy bezpieczeństwa? Jak rozwijać swoje umiejętności na początku ścieżki zawodowej w IT Security? Na te i inne tematy możecie poznać moją opinię w podcaście, który powstał dzięki gościnie Adama Haertle oraz Adama Lange. Link do nagrania poniżej: https://www.youtube.com/watch?v=FCL7KKNhrX4

NIST Cybersecurity Framework v1.1 – Shortened

Introduction Everyone I’ve ever talked to who was given a responsibility of managing security of their company was always extremely busy, leaving very little time for self-education - I’ve been in the same boat for years. Which is very unfortunate, because nothing can expedite your journey like learning from the experience of your peers. NIST … Continue reading NIST Cybersecurity Framework v1.1 – Shortened →

Practical guide into GCP Security – entry/mid-level

A brilliant resource for everyone trying to grasp the practical concepts of GCP Security. It was released a couple of months ago, I've just run into it and it's so tremendous that I have to share it with all of you. https://services.google.com/fh/files/misc/google-cloud-security-foundations-guide.pdf

To grow is to care about others

See, the more you know and have, the more you have to share. I don't think I ever had the urge to make money to spend money. I never had an urge to develop my career to make myself look better in eyes of others. I never wanted anything more than to provide for my … Continue reading To grow is to care about others →

The fallacy of building vs buying

It didn't happen once or twice, that I fooled myself into thinking that I can build the very thing that I aka my organization needs. Even when I in fact was able to, it doesn't mean I should've done so. See, when you're growing an organization and you happen to have your own software engineering … Continue reading The fallacy of building vs buying →

Security perimeter, budgeting and technical debt

Regardless whether you're creating and selling software or you're just using it to run your daily operation, you are an IT company. Show me a business which doesn't require technology as an essential element of its strategy and I'll show you what you're missing. If you've been listening closely to the things taking place in … Continue reading Security perimeter, budgeting and technical debt →

Security Principles of Google Cloud Platform

While studying new material in private time I like to take notes to memorize things better and have neat reference material for the future. I often end up polishing some of my notes on a specific subject and releasing it to the infosec community, and I've found such a piece of work from last year … Continue reading Security Principles of Google Cloud Platform →

Useful training and mindset for becoming a Cloud Security Architect

A couple of weeks ago I was asked by my colleague to give him some clues and tips on how to become a Cloud Security Architect, as that's the venture he wants to follow and he knows I've been in architect-alike roles for a while. Knowing how much fulfillment one can get from a good … Continue reading Useful training and mindset for becoming a Cloud Security Architect →

[PL] Jak przygotować się do zdania certyfikatu OSCP

Całkiem często pojawia się w polskim community pytanie odnośnie tego jak poradzić sobie z certyfikacją Offensive Security Certified Professional, więc uznałem, że troszkę wypada dorzucić swoje trzy grosze biorąc pod uwagę to, że w ciągu ostatnich 3 lat rekrutowałem kilkadziesiąt osób do różnych działów cyberbezpieczeństwa i sporo z tych osób próbowało swoich sił właśnie z … Continue reading [PL] Jak przygotować się do zdania certyfikatu OSCP →