Learning Roadmap for the

Security Engineer

Server-Side Request Forgery: Attack & Defense
Introduction to Web App Cryptography
Injections, XXE, and Insecure Deserialization
Cross-Site-Scripting Attack and Defense
Attacking and Defending Authentication & Access Control
Practical Azure Key Vault
Securing Network Access to Azure Virtual Machines
Introduction to Azure IAM
Introduction to Azure
OSV Scanner Security Playground
Nuclei Automation for DevSecOps
DevSecOps with Gitlab CI
DAST with Jenkins
Static Analysis and Code Review for DevSecOps
Source Composition Analysis for DevSecOps
SCA with Jenkins
SAST with Jenkins
Github Actions for DevSecOps
DAST Automation with OWASP ZAP
Kubernetes Policy Management with Kyverno
Kubernetes Network Security and Service-Mesh Essentials
Kubernetes Authentication and Authorization
Kubernetes Admission Control
Kubernetes 101
Essentials of Container Monitoring
Container Supply Chain Security Essentials
Attacking and Securing Container Registry
Attacking and Defending Containers
Threat Modelling Essentials
Agile Threat Modelling