Resources

This is a collection of valuable resources that I’ve found helpful throughout my journey. While it may not capture everything that’s out there, I aim to include only those resources that I have personally used and can genuinely vouch for. There are no referral links, and the resources are listed in no particular order.

Cloud agnostic

• Awesome Cloud Security
• CloudSecDocs
• Cloud Security Wiki
• pwnlabs.io - hands-on cloud security labs

Azure

• John Savill’s Technical Training
• Azure Cheat Sheets - Tutorials Dojo
• Azure Sheets
• Mock exams - MeasureUp
• Microsoft Cybersecurity Reference Architectures - MCRA
• Azure Well-Architected Framework
• Refined Microsoft Learn
• r/AzureCertification
• Microsoft’s free labs

AWS

• Stephane Maarek
• Adrian Cantrill

Terraform

• Bryan Krausen
• Terraform Cheat Sheet
• Hashicorp’s tutorials
• Terraform: Up & Running

Kubernetes

• Killer.sh simulators
• Mumshad Mannambeth’s CKA course
• KodeKloud Community FAQ
• Awesome-Kubernetes
• K8s Practice Training
• vimtutor

Security basics

• Professor Messer’s Free Security+ Course
• NIST - National Vulnerability Database
• MITRE ATT&CK®
• badssl.com
• TryHackMe - practice makes perfect!
• OSINT Framework
• Awesome Security

Communities, events, networking

Global:

• InfoSecMap
• Crossweb
• Meetup
• fwd:cloudsec
• OWASP
• Certification Station
• CrankySec
• r/cybersecurity
• r/netsec
• Microsoft’s Security Connection Program

Poland-based:

• ISSA Polska Events list
• Oh My Hack
• Crossweb
• DC4822
• SecureWay Meetup
• ISC2 Poland Chapter
• Hakbreakers

Food for thought

• Why you need a “WTF Notebook”
• The Ideal Candidate Will Be Punched In the Stomach
• Ceremonial Security and Cargo Cults
• Why Your Best Engineers Are Interviewing Elsewhere
• How Complex Systems Fail
• Nick Jones
• Chris Farris
• Kalzumeus
• Ludicity
• Marco Lancini
• Rami McCarthy
• Tom Kranz

Podcasts

• CyberWire Daily
• Darknet Diaries
• Cloud Security Podcast
• The Azure Security Podcast
• CTO Morning Coffee (PL)
• Patoarchitekci (PL)

Personal development

• Start with Why: How Great Leaders Inspire Everyone to Take Action
• Deep Work: Rules for Focused Success in a Distracted World
• CliftonStrengths
• Thinking, Fast and Slow
• Why We Sleep: Unlocking the Power of Sleep and Dreams
• Atomic Habits
• How to Win Friends & Influence People

Privacy

• Digital Defense
• Surveillance Self-Defense
• Awesome Privacy
• A Comparative Analysis of Top Overlay VPN Networks

CISSP

I recommend refraining from official ISC2 materials, as they tend to be expensive and not easy to comprehend. Instead, consider the following resources:

• Pete Zerger’s Exam training
• DestCert CISSP Study Guide Book
• Pete Zerger’s CISSP: The Last Mile
  • This book does a better job at sticking to ISC2 nomenclature. The benefit of reading also the DestCert book is that you will get used to different ways of describing the same thing. This eventually helps during the exam.
• Quantum Exams CAT
• Stank industries practice questions
• Learnzapp
  • Learnzapp is not essential by any means, but it is convenient to brute force the knowledge and check your understanding of the basics. One month of access is more than enough.
• Kelly Handerhan: Why you will pass the CISSP
• Andrew Ramdayal: 50 CISSP practice questions
• Larry Greenblatt: CISSP semantics

Non-fiction books on security

• The Cuckoo’s Egg by Clifford Stoll - a classic
• Sandworm by Andy Greenberg - APTs
• This Is How They Tell Me the World Ends by Nicole Perlroth - zero-day market

Miscellaneous

• Paul Jerimy’s Security Certification Roadmap
• GitHub Education - for students
• Microsoft Security automation blog by Truls Dahlsveen
• Cloud Resume Challenge
• Cyber Security Roadmap
• Automate the Boring Stuff with Python
• Google’s SRE Books
• Ansible 101 - Jeff Geerling
• The SSO Wall of Shame

This Blog

• Minimal Mistakes theme
• Jekyll wiki
• Icons
• A proper technical how-to guide
• Favicons