Skip to content

Contact us

Contact us

How can we help you?

There are no suggestions because the search field is empty.

Help Center
Training Library
Recommended Paths

Security Journey Release Notes
- HackEDU Release Notes
- Security Journey Release Notes
Configuration and Setup
Training Library
Assessments
Assignments
- Setup and Configuration
- Assignment Features
Tournaments
Champion Passport
Reporting
- API
- Reporting FAQs
Customer Support & Feedback
Security Journey FAQs
Learner Resources
Hands-On Break/Fix Lesson Help
HackEDU Platform

June 6, 2025

Recommended Path: Cloud Engineer

This article describes our Recommended Cloud Engineer Paths.

Our Cloud Engineer Path is for individuals responsible for designing, developing, and managing cloud-based systems, including architects, engineers, and other similar positions. After completing these learning paths, Cloud Engineer Learners will be enabled to use secure design principles to create secure cloud systems.

The Cloud Engineer training content is organized into three progressive levels:

Cloud Engineer Foundational: Covers foundational application security principles for cloud engineers.
Cloud Engineer Intermediate: An in-depth exploration of threat modeling, threats, and security controls for cloud engineers.
Cloud Engineer Advanced: Learners choose their language/technology/framework to move into more advanced topics with an opportunity to learn how to break and fix code in a real application environment:
- AWS
- GCP
- Azure

Foundational: Cloud Engineer

Video Only | Total Learning Path Duration: 4 hours and 11 minutes

Introduction to Security Journey

Introduction to Security

Core Security Concepts

Threat Landscape

The Hacker Mindset

Social Engineering

Security Culture and Mindset

Security Business Case

Prioritizing Security

Translating Security

Risk Managment for AppSec

Privacy and Customer Data Protection

Dealing with Vulnerabilities

Security at Home

Tips for Secure Remote Work

Knowledge Sources

Threat Landscape: Cloud

Secure Development Lifecycle

Six Foundational Truths of Application Security

Intermediate: Cloud Engineer

Video and Hands-on | Total Learning Path Duration: 4 hours and 57 minutes

Security Requirements

Threat Modeling Basics

Threat Modeling Process

Threat Modeling Examples

Threat Modeling Manifesto

Threat Modeling (HackEDU)

Input Validation

Output Encoding

Authentication Theory

Authorization Theory

Logging and Exception Handling

Software Supply Chain

CWE Top 25 | Part 1

CWE Top 25 | Part 2

CWE Top 25 | Part 3

CWE Top 25 | Part 4

Static Application Security Testing (SAST)

Static Application Security Testing (SAST) (HackEDU)

Dynamic Application Security Testing (DAST)

Dynamic Application Security Testing (DAST) (HackEDU)

Vulnerability Scanning

Next Generation AppSec Tools

Penetration Testing and Bug Bounty

Advanced: AWS (Cloud Engineer)

Video Only | Total Learning Path Duration: 4 hours and 59 minutes

Penetration Testing and Bug Bounty

AppSec in an Agile World | Part 1

AppSec in an Agile World | Part 2

AppSec in a DevOps World

Security Behaviors for DevOps

Designing a Secure App or Product

Thinking like a Penetration Tester

AWS: Introduction to AWS Security

Cloud Governance

AWS Five Cloud Security Disciplines

Cloud Threat Landscape

AWS Security Top Ten

AWS Secure Access Control

AWS S3 Hardening

AWS EC2 Hardening

AWS Centralized Logging

AWS Managing Secrets

AWS Security Tools

Advanced: Azure (Cloud Engineer)

Video Only | Total Learning Path Duration: 4 hours and 1 minute

Penetration Testing and Bug Bounty

AppSec in an Agile World | Part 1

AppSec in an Agile World | Part 2

AppSec in a DevOps World

Security Behaviors for DevOps

Designing a Secure App or Product

Thinking like a Penetration Tester

Introduction to Cloud Security

Cloud Governance

Azure Security Top 10

Managing Secrets in Azure Part 1

Managing Secrets in Azure Part 2

Azure Centralized Logging

Azure Blob Storage Hardening

Azure Virtual Machine Hardening Part 1

Azure Virtual Machine Hardening Part 2

Azure Security Tools Part 1

Azure Security Tools Part 2

Advanced: GCP (Cloud Engineer)

Video Only | Total Learning Path Duration: 4 hours and 20 minutes

Penetration Testing and Bug Bounty

AppSec in an Agile World | Part 1

AppSec in an Agile World | Part 2

AppSec in a DevOps World

Security Behaviors for DevOps

Designing a Secure App or Product

Thinking like a Penetration Tester

Introduction to Cloud Security

Cloud Governance

The Five Cloud Security Disciplines

Cloud Threat Landscape

GCP Security Tips

GCP Authentication and Authorization

GCP Logging and Monitoring

GCP Storage Hardening

GCP Managing Secrets

GCP Network Security

GCP Securing Virtual Machines

GCP Security Tools

GCP Securing Google Kubernetes Engine

Copyright © 2025, Security Journey