13 basic steps to start a practical implementation of DevSecOps at your organisation

Hello Friends, I want to share with you a blogpost I created as an attempt to bring some more clarity to the concepts that are [finally] getting more attention of the public. I’m a solid believer that the potential of the tribe can be tapped into it’s full extent only if all the members of … Continue reading 13 basic steps to start a practical implementation of DevSecOps at your organisation →

Własny LAB do nauki pentestów – jak zacząć

Niedawno na Facebookowej grupie "Testowanie Oprogramowania" pojawiło się ciekawe pytanie: Próbuję się przekwalifikować z testera manualnego na pen testera. Zmieniłam teraz pracę i jako pierwsze zadanie jako nowy penetration tester zostało mi polecone zbudowanie laba. Narazie nie wiem jak zabardzo to ugryźć. Ogólnie dopiero formujemy security team więc wszystko jest jeszcze bardzo płynne. Docelowo lab … Continue reading Własny LAB do nauki pentestów – jak zacząć →

My book “Social Skills For Information Security Professionals: A Handbook For Those Who Strive To Lead And Manage Effectively” is live

Here it comes! 11 years of learning, 2 years of writing, 84 pages for you to read. 🙂 You can download a pdf here: Social Skills For Information Security Professionals: A Handbook For Those Who Strive To Lead And Manage Effectively by Dawid Bałut And a few words on how it all came to be that … Continue reading My book “Social Skills For Information Security Professionals: A Handbook For Those Who Strive To Lead And Manage Effectively” is live →

Social Skills For Information Security Professionals: On enabling others to perform at their best

Do the work behind the scenes and don’t be a workflow bottleneck InfoSec as an enabler If I were to choose only one thing to share with you, it would be that there is no place for a naysayer in a security department. It’s unbelievable how many of us kept doing the wrong things for … Continue reading Social Skills For Information Security Professionals: On enabling others to perform at their best →

Effective remote work – you need a separate office space

You need a separate room if you want to be effective while working remotely. There are so many reasons for it that even though I’ve been working remotely for over 7 years, every few months I discover new benefits of it. Many people attempt remote work, hoping that their lives will get so much better … Continue reading Effective remote work – you need a separate office space →

I’m never motivated or inspired.

Sometimes I get asked a question, which I rarely reply to. Not because I don't like the question - I actually love it - but because I never agree to go over-simplistic on things of that nature. The question is - "what motivates you to work so much?". Straight up answer is that I rarely … Continue reading I’m never motivated or inspired. →

Hacker’s approach to productivity and career development – Universal Truths

On 15th of November 2018 I gave a talk at TestWarez conference, where I wanted to share my experience and observations, to help others gain a bit richer perspective on life, which would help them solve non-trivial career related challenges. Unfortunately I've ran out of time before I could close my story properly, which is … Continue reading Hacker’s approach to productivity and career development – Universal Truths →

Social Skills For Information Security Professionals: on leading by example, removing roadblocks and simplification

Show up, adapt and deliver results Everyone needs to be made aware that security testing is a time consuming activity, so it must be included in release planning schedules. It’s generally a good idea to jump in with security tests when QA Team is given their time to do the “regular” testing. While we’d love … Continue reading Social Skills For Information Security Professionals: on leading by example, removing roadblocks and simplification →

Social Skills For Information Security Professionals: On Agile, Secure SDLC and Unhealthy Habits

Agile implementation of security into a corporate culture Start small I recommend you to take baby steps with all of the security initiatives you want to start at your company. By balancing the workload and adaptability you can demonstrate coworkers and executives that security doesn’t need to be tangled and complicated. If you show people … Continue reading Social Skills For Information Security Professionals: On Agile, Secure SDLC and Unhealthy Habits →

Social Skills For Information Security Professionals: On Credibility, Awareness and Business

Align strategy with business stakeholders first Who’s actually responsible for investments in security? Security issues don’t pop up out of nowhere. Code, products, infrastructure and business quality is always a responsibility of a human being. So why don’t we treat it as such, and we seem to be always obsessing about technology rather than going … Continue reading Social Skills For Information Security Professionals: On Credibility, Awareness and Business →