NIST Cybersecurity Framework v1.1 – Shortened

Introduction Everyone I’ve ever talked to who was given a responsibility of managing security of their company was always extremely busy, leaving very little time for self-education - I’ve been in the same boat for years. Which is very unfortunate, because nothing can expedite your journey like learning from the experience of your peers. NIST … Continue reading NIST Cybersecurity Framework v1.1 – Shortened →

Czego oczekuję od juniorów w IT

4 porady dla ambitnych juniorów https://www.youtube.com/watch?v=7xDmorVvCGU

Wdrażamy DevSecOps – chmura, SDLC i podstawy skuteczności i rozsądku

Pytacie o DevSecOps i słusznie, bo to gorący temat - więc nagrałem dłuższy materiał wyjaśniający o co chodzi w tym buzzwordzie i jak zacząć się z tym bawić. https://www.youtube.com/watch?v=XwjLUnY4MOc&feature=youtu.be

Practical guide into GCP Security – entry/mid-level

A brilliant resource for everyone trying to grasp the practical concepts of GCP Security. It was released a couple of months ago, I've just run into it and it's so tremendous that I have to share it with all of you. https://services.google.com/fh/files/misc/google-cloud-security-foundations-guide.pdf

Jak zatrudniam juniorów IT Security – wskazówki dla młodych bezpieczników

https://www.youtube.com/watch?v=UZ8wMUcfHMc

To grow is to care about others

See, the more you know and have, the more you have to share. I don't think I ever had the urge to make money to spend money. I never had an urge to develop my career to make myself look better in eyes of others. I never wanted anything more than to provide for my … Continue reading To grow is to care about others →

The fallacy of building vs buying

It didn't happen once or twice, that I fooled myself into thinking that I can build the very thing that I aka my organization needs. Even when I in fact was able to, it doesn't mean I should've done so. See, when you're growing an organization and you happen to have your own software engineering … Continue reading The fallacy of building vs buying →

Security perimeter, budgeting and technical debt

Regardless whether you're creating and selling software or you're just using it to run your daily operation, you are an IT company. Show me a business which doesn't require technology as an essential element of its strategy and I'll show you what you're missing. If you've been listening closely to the things taking place in … Continue reading Security perimeter, budgeting and technical debt →

Freelancing and career development in Cybersecurity

Jakiś czas temu na grupie pojawiło się pytanie odnośnie tego jak zacząć karierę w security, jak zostać pentesterem, bug bounty hunterem i jak rozwijać się dalej, pozyskiwać kontrakty i nowych klientów. Nagrałem niedawno dwa podcasty z Peerlystem, w który odpowiedziałem na kilkanaście świetnych pytań. Łącznie ponad 75 minut treści, które polecam każdemu kto chce nauczyć … Continue reading Freelancing and career development in Cybersecurity →

Security Principles of Google Cloud Platform

While studying new material in private time I like to take notes to memorize things better and have neat reference material for the future. I often end up polishing some of my notes on a specific subject and releasing it to the infosec community, and I've found such a piece of work from last year … Continue reading Security Principles of Google Cloud Platform →