Skip to content

Welcome to CloudSecDocs

TL;DR

CloudSecDocs is a website collecting and sharing technical notes and knowledge on cloud-native technologies, security, technical leadership, and engineering culture, hand curated by Marco Lancini.

The Rationale

For the past few years, I've been collecting information as I was getting accustomed to DevOps concepts, Docker, Kubernetes, and the main cloud providers (AWS, GCP, and Azure). Now, I've decided to make these notes public for everyone to consult.

For (slightly) more details on how CloudSecDocs came to be, you can read the companion blog post: "Introducing CloudSecDocs.com".

Some sections are still work in progress

Just a FYI: for some topics I have further additional content which I haven't got to process and categorise yet. In particular, more material for the following topics will be added in the upcoming weeks/months:

  • IAM: information, best practices, and tutorials on AWS/GCP/K8s IAM
  • Monitoring: everything related to security monitoring and alerting
  • Incident response: think about containment, forensics, etc.
  • Istio: how does it work and how to secure it

Additionally, I envision this website to integrate closely with CloudSecList, as every week I'll add the more interesting articles back here.

The Structure

This website is currently composed by 8 main sections (as shown in the table below), each containing my personal notes on that specific topic:

Section Content
Containers Docker & Kubernetes fundamentals, architecture, sample apps, usage
Container Security Theory beyond Docker & Kubernetes security, offensive security & pentest resources, , defensive resources (best practices, tooling, etc.)
Devops Strategy, Pipelines (building & securing), supply-chain, tooling, design & processes
AWS Services overview, offensive security & pentest resources, defensive resources (best practices, tooling, etc.)
Azure Services overview, offensive security & pentest resources, defensive resources (best practices, tooling, etc.)
GCP Services overview, offensive security & pentest resources, defensive resources (best practices, tooling, etc.)
Kafka Security & tooling
Culture & Engineering Security Programs, Engineering Decisions, Personal Development, Career Progression, Technical Leadership, Management
Cheatsheets Cheatsheets for programming languages and UNIX tools

Disclaimer

As mentioned, these are my personal notes, collated and made available for everyone to reference. Hence, I would like to highlight some points:

  • These notes might contain errors, so please always double-check what you are reading.
  • These notes come from aggregating many different and amazing sources. I tried to explicitly put references to the original sources, but in case I missed something please do let me know and I'll amend it promptly.

Contact

For any question on this website, you can contact me on Twitter @lancinimarco or on marcolancini.it.

Back to top