All posts by: Krystian Piwowarczyk

Cybersecurity

How OWASP, PTES, and NIST Shape Penetration Testing

This article explains what penetration testing methodologies really mean and how OWASP, PTES, and NIST influence real-world security testing. It shows how these frameworks guide tester actions, reporting, and risk reduction when applied correctly. Practical examples and scenarios demonstrate how mature teams blend methodologies to align testing with actual attacker behavior.

2026-06-15

HR Tech

Spring 2026 Update: CV Processor, Web Pentest Labs & Security

Our spring 2026 release introduces the CV Processor module, Web Pentest Labs for vulnerability assessment, OAuth 2.0 SSO, performance improvements, Gotenberg-powered PDF reports, admin audit logging, improved accessibility, and extensive security hardening across the platform.

2026-05-11

Cybersecurity

API Security: The Biggest Risk in Modern Applications

This article examines how APIs replaced browsers as the true security perimeter in modern application architectures. It explains why traditional web security fails, which API vulnerabilities drive real breaches, and how organizations can embed API security into SDLC

2026-04-20

Software development

Quantum Computing: From Basics to Qiskit Workflows

This article explains why certain computational problems remain intractable on classical systems and how quantum computing addresses those limits. It introduces qubits, entanglement, and quantum algorithms with formal grounding, then demonstrates a complete Qiskit-based workflow. Practical use cases, framework comparisons, and realistic expectations are discussed throughout.

2026-03-30

Red Teaming

DLL Sideloading - beyond classic DLL Hijacking - Red team diaries

This article examines how DLL hijacking has evolved from a crude exploit technique into subtle abuse of legitimate extensibility in trusted Windows applications. It explains why signed software and modern protections shift, rather than eliminate, DLL loading risks and offers practical guidance for detection and mitigation. This is the first in a series of articles on DLL Hijacking.

2026-03-23

Cybersecurity

Zero Trust security explained: moving beyond the perimeter

This article explains why perimeter-based security models fail in modern environments and how Zero Trust Security addresses those weaknesses. It covers principles, architecture components, implementation phases, and real-world scenarios. The focus is on identity-driven access, continuous verification, and practical adoption strategies.

2026-03-02

Career development

Building a real career in Modern Quality Assurance

This article provides a comprehensive, practical guide to modern quality assurance as a profession. It explains how QA works across the software lifecycle, explores roles from manual testing to automation and specialization, and offers concrete tools, workflows, and career advice for newcomers and experienced practitioners.

2026-02-16

Software development

Software Dev Upskilling: Build a Career That Thrives

This article explains why continuous upskilling is essential for modern software developers and how to approach it strategically. It covers reading market signals, choosing effective learning pathways, applying skills through real work, and balancing growth with long-term sustainability.

2026-02-09

HR Tech

Transforming Corporate Training with Modern HR Tech

This article examines how modern HR technology transforms corporate training from static, classroom-based programs into dynamic digital learning ecosystems. It explores LMS platforms, virtual and AI-powered learning, analytics, and governance. The focus is on aligning learning with business performance and continuous skill development.

2026-02-02

Cybersecurity

Healthcare Cybersecurity as a Patient Safety Imperative

This article explores how modern cyber threats directly impact patient safety in healthcare environments. It examines the healthcare threat landscape, data sensitivity, EHR and medical device security, and the role of regulation in building real cyber resilience.

2026-01-26

Career development

Check Point Network Engineer: Skills & Career Path

This article explains what it truly takes to become a Check Point Network Engineer, from foundational networking skills to mastering enterprise firewall technologies. It covers real-world responsibilities, tools, labs, certifications, and long-term career growth.

2026-01-18

HR Tech

January 2026 Update: New IT Profiles and Practical Labs

This article explores our latest platform update, including new IT profiles, thousands of new questions, Azure practical labs, and infrastructure improvements. It highlights how these changes improve practical skill assessment and overall reliability.

2026-01-12

HR Tech

Data-Driven Hiring: From Gut Feeling to Evidence

This article examines how organizations can shift from intuition-led hiring to evidence-based recruitment using data, predictive analytics, and modern HR technology. It covers hiring signals, technology stacks, fairness, bias mitigation, and human-in-the-loop decision-making.

2026-01-04

HR Tech

Our Biggest Update Yet: 32 New Profiles, 72 Categories & More!

Yesterday, we rolled out our biggest update yet featuring 32 new IT & cybersecurity profiles, 72 added question categories, expanded coding support across five languages, and a new AI Assistant to guide profile selection. We've also launched beta open‑ended questions, enhanced performance & UI, and squashed several bugs for a smoother user experience.

2025-06-11

Cybersecurity

What is the cost of a cybersecurity data breach?

Discover the true cost of a cybersecurity data breach—from financial losses to reputational damage. This guide explores real-world incidents, defense strategies, and emerging cybersecurity trends to help businesses safeguard their digital assets.

2025-03-24

Red Teaming

How to create LSASS memory dump? - Red team diaries

Learn how attackers dump LSASS memory to steal credentials and how to defend against it. This post covers key attack techniques, mitigation strategies like Credential Guard and PPL, and detection methods using Splunk, ELK, and Sysmon. Both Red Team and Blue Team perspective are presented.

2025-03-10

Software development

The evolution of software development methodologies

Software development methodologies guide the process of designing, testing, deploying, and maintaining software applications. This article traces the evolution of these methodologies from the conception of structured programming with the Waterfall Model to modern, more collaborative frameworks such as DevOps and explores potential future trends.

2025-02-24

Cybersecurity Cryptology

General Overview of Cryptographic Algorithms

The article covers several types of cryptographic algorithms, detailing symmetric and asymmetric ciphers, stream and block ciphers, hash functions, and digital signatures. It discusses the characteristics, functionalities, and modern examples of each type, providing a comprehensive overview of these important components of cryptography.

2025-02-16

HR Tech

The Revolutionary Approach of Data-Driven Hiring

Data-driven hiring, employing advanced analytics and objectivity, is changing talent acquisition by introducing greater precision and fairness to the process. This revolutionary tool critically analyses every step in hiring, from sourcing to selection, using data and statistical analysis, making the process more efficient and effective.

2025-02-10

Cybersecurity Cryptology

An illustrated description of the AES Standard

This article provides an illustrated description of the AES Standard, examining its history, adoption process, and the inner workings of its Rijndael algorithm. Detailed explanations and technical insights are offered into its encryption rounds, transformations, and key expansion process.

2025-02-01

Cybersecurity

Exploring Different Types of Security Tests: A Comprehensive Guide

Security testing is crucial for any organization aiming to safeguard their digital assets. This guide provides a comprehensive understanding of the different types of security tests available, empowering organizations with the necessary insights to choose the right security protocols catering to their specific needs.

2025-01-27

HR Tech

End of the Beta Phase: A Milestone for Cyber Proficiency Center

We’re excited to announce that after five months of testing and development, the beta phase of the cp.center platform has officially concluded. The public beta, launched on June 7, transitioned into a fully operational platform as of November 16.

2024-11-20

HR Tech

New Cyber Proficiency Center feature — Live Labs

We just released a brand new format of practical task - Live Labs. This format allows to interact with Linux and Windows virtual machines and docker containers and perform different tasks before answering set of questions.

2024-09-11

HR Tech

Feedback is King?

Feedback is King? Why implementing a feedback mechanism can be very useful in the early stages of startup development. How CP.Center uses the feedback it collects to improve product quality and to plan further development. What dangers await when feedback is viewed uncritically.

2024-08-07

HR Tech

Cyber Proficiency Center now part of Microsoft for Startups Founders Hub

Announcement about CP.center joining Microsoft for Startups Founders Hub program in June 2024. We will use this opportunity to expand our capabilities even further in upcoming 12 months.

2024-07-22

HR Tech

Fighting cybersecurity skills gap using new type of solution

The cybersecurity skills gap remains a persistent challenge; however, innovative solutions are emerging to address this issue. By leveraging automation and implementing high-quality assessments and tasks, organizations can significantly enhance the efficiency and cost-effectiveness of their recruitment processes.

2024-06-10

Show more