Welcome to CloudSecDocs¶
TL;DR
CloudSecDocs is a website collecting and sharing technical notes and knowledge on cloud-native technologies, security, technical leadership, and engineering culture, hand curated by Marco Lancini.
The Rationale¶
For the past few years, I've been collecting information as I was getting accustomed to DevOps concepts, Docker, Kubernetes, and the main cloud providers (AWS, GCP, and Azure). Now, I've decided to make these notes public for everyone to consult.
For (slightly) more details on how CloudSecDocs came to be, you can read the companion blog post: "Introducing CloudSecDocs.com".
Some sections are still work in progress
Just a FYI: for some topics I have further additional content which I haven't got to process and categorise yet. In particular, more material for the following topics will be added in the upcoming weeks/months:
- IAM: informations, best practices, and tutorials on AWS/GCP/K8s IAM
- Monitoring: everything related to security monitoring and alerting
- Incident response: think about containment, forensics, etc.
- Istio: how does it work and how to secure it
Additionally, I envision this website to integrate closely with CloudSecList, as every week I'll add the more interesting articles back here.
The Structure¶
This website is currently composed by 8 main sections (as shown in the table below), each containing my personal notes on that specific topic:
| Section | Content |
|---|---|
| Containers | Docker & Kubernetes fundamentals, architecture, sample apps, usage |
| Container Security | Theory beyond Docker & Kubernetes security, offensive security & pentest resources, , defensive resources (best practices, tooling, etc.) |
| Devops | Strategy, Pipelines (building & securing), supply-chain, tooling, design & processes |
| AWS | Services overview, offensive security & pentest resources, defensive resources (best practices, tooling, etc.) |
| Azure | Services overview, offensive security & pentest resources, defensive resources (best practices, tooling, etc.) |
| GCP | Services overview, offensive security & pentest resources, defensive resources (best practices, tooling, etc.) |
| Kafka | Security & tooling |
| Culture & Engineering | Security Programs, Engineering Decisions, Personal Development, Career Progression, Technical Leadership, Management |
| Cheatsheets | Cheatsheets for programming languages and UNIX tools |
Disclaimer¶
As mentioned, these are my personal notes, collated and made available for everyone to reference. Hence, I would like to highlight some points:
- These notes might contain errors, so please always double-check what you are reading.
- These notes come from aggregating many different and amazing sources. I tried to explicitly put references to the original sources, but in case I missed something please do let me know and I'll amend it promptly.
Contact¶
For any question on this website, you can contact me on Twitter @lancinimarco or on marcolancini.it.