Learning Roadmap for the

Security Engineer

Attacking and Defending SQL Injection with Java Spring Boot
Attacking and Defending Persistent XSS with Java EE
Attacking and Defending Session Fixation with Java EE
Attacking and Defending XXE with Java EE
Implementing CSRF (Cross-Site Request Forgery) with Java EE
Attacking and Defending Insecure Deserialisation with Java EE
Attacking and Defending Insecure Deserialisation with Java EE
Attacking and Defending SSRF with Java EE
Attack and Defense SSRF With Django
Attacking and Defending SQL Injection with Java EE
VueJS: Content Security Policy Playground
ReactJS - Cross Site Scripting Playground
ReactJS - CSP Attack and Defense Playground
TLS and Encrypting Data in Transit
GRAPHQL Attack Vectors
Cross Origin Resource Sharing Playground
SAML Attack and Defense
Kotlin Security Playground
Swift Security Playground
Server-Side Request Forgery: Attack & Defense
Introduction to Web App Cryptography
Injections, XXE, and Insecure Deserialization
Cross-Site-Scripting Attack and Defense
Attacking and Defending Authentication & Access Control
Breaking and Defending Azure Storage
Azure Sentinel: A Comprehensive Guide to Cloud-Native SIEM
Azure functions Security
Practical Azure Key Vault
Securing Network Access to Azure Virtual Machines
Introduction to Azure IAM
Introduction to Azure
Git 101
Jenkins Integration
DevSecOps with Gaia
Jenkins Security Best Practices
OSV Scanner Security Playground
Nuclei Automation for DevSecOps
DevSecOps with Gitlab CI
DAST with Jenkins
Static Analysis and Code Review for DevSecOps
Source Composition Analysis for DevSecOps
SCA with Jenkins
SAST with Jenkins
Github Actions for DevSecOps
DAST Automation with OWASP ZAP
API Attack Surface: Service Account & Token Exploitation
Advanced ArgoCD Security and Access Management
Mastering ArgoCD: Kubernetes Deployment Fundamentals
Introduction to Istio
Attacking Kubernetes Clusters Playground
Kubernetes Policy Management with Kyverno
Kubernetes Network Security and Service-Mesh Essentials
Kubernetes Authentication and Authorization
Kubernetes Admission Control
Kubernetes 101
Container Security 101
Essentials of Container Monitoring
Container Supply Chain Security Essentials
Attacking and Securing Container Registry
Attacking and Defending Containers
Threat Modeling with Microsoft Threat Modeling Tool
Threat Modelling Essentials
Agile Threat Modelling

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X
Copyright AppSecEngineer © 2025