FULL Cloud Security Roadmap for Beginners | How I Would Learn Cloud Security as a Complete Beginner

Summary

This video, presented by Sandra, offers a comprehensive roadmap for beginners eager to dive into cloud security in 2025. As cloud infrastructure continues to expand, understanding cloud security becomes increasingly important. Sandra outlines a six-step plan, starting with learning the basics of cloud computing through free resources offered by major providers like AWS, Azure, and Google Cloud. Next, she recommends delving into cybersecurity foundations, with tips on using free courses like CompTIA Security Plus. The journey continues with hands-on experience by setting up cloud environments and working on projects, utilizing tools like CloudSplaining and Scout Suite. The final steps involve compiling a project portfolio and fine-tuning resumes with tools like Massive to increase job application success. Throughout, Sandra emphasizes the importance of continuous learning and staying updated with cybersecurity trends.

Highlights

• Cloud security is booming as more companies move to the cloud. 🌥️
• Major providers offer free learning resources for beginners. 🎓
• Foundational cybersecurity knowledge is crucial for cloud roles. 🔐
• Hands-on projects enhance technical skills for job applications. 💼
• Continuous learning keeps you abreast with security trends. 📰

Key Takeaways

• Dive into cloud security with Sandra's six-step roadmap. 🚀
• Start by mastering cloud computing basics using free resources. 📚
• Gain cybersecurity proficiency with free training courses online. 🎓
• Set up your own cloud environment to get hands-on experience. 🛠️
• Build a strong project portfolio and tailor your resume for success. 📑
• Stay updated with the latest in cybersecurity and cloud trends. 🌐

Overview

In this immersive video, Sandra provides a step-by-step guide for beginners eager to enter the cloud security space in 2025. With the shift of companies to cloud infrastructure, there's a surging demand for security expertise. Sandra highlights the importance of starting with the basics of cloud computing, recommending free resources from top providers like AWS, Azure, and Google Cloud Platform.

Moving forward, she emphasizes foundational cybersecurity skills. Leveraging free courses such as the CompTIA Security Plus curriculum, learners can enrich their understanding of key topics essential for entry-level roles. Practical experience is key; Sandra advises setting up personal cloud environments and engaging with projects to apply theoretical knowledge.

The final steps focus on career readiness by building a detailed project portfolio and optimizing resumes for job applications using tools like Massive. Sandra encourages continual learning and staying informed on cybersecurity developments, vital for professional growth and adapting to new challenges in the cloud security field.

Chapters

• 00:00 - 00:30: Introduction to Cloud Security In this chapter, the focus is on introducing the importance of cloud security, particularly as it becomes a rapidly growing sector within the broader field of cybersecurity. The growing trend of companies moving to cloud infrastructures and hosting applications in the cloud necessitates a stronger emphasis on securing these environments. The chapter underscores the increasing demand for safeguarding applications, users, and data from potential threats within cloud settings, establishing cloud security as a critical and burgeoning niche in cybersecurity by 2025.
• 00:30 - 01:00: Importance of Cloud Security The chapter emphasizes the growing importance of a career in cloud technology over the next 5 to 10 years. It provides a roadmap in six steps with the first step focusing on learning the basics of cloud computing through free training provided by major cloud providers like Azure, AWS, and Google Cloud Platform. The speaker encourages taking advantage of the abundant free content and Cloud credits available to create personal cloud environments for hands-on learning.
• 01:00 - 02:00: Step 1: Learn Basics of Cloud Computing The chapter emphasizes the importance of understanding the basics of cloud computing, especially for students and beginners. It suggests taking advantage of free resources from major cloud providers to gain hands-on experience. It advises focusing on at least one cloud platform to understand their specific technologies, tools, and naming frameworks, which can be beneficial for job applications.
• 02:00 - 03:00: Step 2: Cybersecurity Foundations The chapter emphasizes the importance of understanding Cloud infrastructure and technology, while also specializing in at least one specific Cloud platform. This foundational knowledge is crucial for developing expertise in the field. Additionally, the chapter highlights the significance of learning cybersecurity foundations, suggesting a blend of free resources and structured courses. For beginners, the CompTIA Security+ is recommended as a free starting point.
• 03:00 - 04:00: Continuous Learning and News Feeds The chapter discusses the importance of continuous learning, particularly in the field of cybersecurity. It highlights resources like Professor Messer's free CompTIA Security+ training course available online, which covers over 600 cybersecurity topics. These topics are crucial for anyone aiming for an entry-level cybersecurity position, such as a security analyst. Key areas covered include encryption, identity and access management (IAM), network security, multi-factor authentication (MFA), as well as networking threats and vulnerabilities. The chapter emphasizes using such resources to build a foundational understanding of essential cybersecurity concepts.
• 04:00 - 05:00: Understanding Cybersecurity Tools The chapter 'Understanding Cybersecurity Tools' provides an introductory overview of learning pathways in cyber security, starting with foundational cloud and cyber security topics. It suggests these as essential foundational steps for engaging in cloud security projects. The transcript mentions several beginner-friendly training resources and paths, including the Google Cyber Security Search, and suggests specific tools and platforms for deeper specialized training like 'Let's Defend' for blue team interests and 'Hack The Box' or 'TryHackMe' for red team training.
• 05:00 - 06:00: Hands-On Cloud Learning Environment The chapter titled 'Hands-On Cloud Learning Environment' discusses various platforms available for gaining hands-on cloud training without prior cybersecurity work experience. It emphasizes taking advantage of these resources and recommends specific learning resources, including LinkedIn courses. The suggestion is to dedicate up to two weeks to complete one cloud training path to grasp the basic concepts, acknowledging that it might take up to three weeks for the entire course. Additionally, the chapter emphasizes that both cybersecurity and cloud sectors require continuous learning beyond the basics.
• 06:00 - 07:00: Start Security Projects The chapter emphasizes the importance of continuous learning in the field of cybersecurity. It highlights the need to stay updated with cybersecurity news, trends, threat actors, and vulnerabilities. The chapter also suggests creating a personalized cybersecurity news feed using tools like Feedly, which can aggregate RSS feeds from various cybersecurity news outlets into a single platform for easy consumption.
• 07:00 - 08:00: Security Project Examples The chapter 'Security Project Examples' emphasizes the importance of staying updated on cybersecurity trends by using tools like Feedly, a free app available on the App Store. By dedicating just 10 to 15 minutes daily, one can follow various cybersecurity news outlets to learn about attacker activities and AI's role in changing the threat landscape. This practice can help identify areas for further learning in cybersecurity or cloud topics. Additionally, the chapter highlights the importance of getting acquainted with various cybersecurity tools that companies use to maintain security.
• 08:00 - 09:00: Create a Technical Project Portfolio The chapter discusses Veronis, a data security platform known for its data-centric approach to cloud security. It is highlighted as a unified solution that offers essential features integrated together, which automatically detects, fixes, and alerts about data issues. The chapter aims to simplify the understanding of these concepts for beginners by comparing past data storage methods where companies used their own data centers.
• 09:00 - 10:00: Conclusion and Recommendations The chapter discusses the advantages of using cloud environments over traditional data centers, highlighting cost-efficiency, scalability, speed, and heightened security due to rigorous audits and controls. It also introduces Veron, a solution for companies seeking visibility into their data and applications in the cloud.

FULL Cloud Security Roadmap for Beginners | How I Would Learn Cloud Security as a Complete Beginner Transcription

• 00:00 - 00:30 this is how I would learn Cloud security as a complete beginner in 2025 so you may or may not already know this but Cloud security is one of the biggest growing areas in cyber security especially as more and more companies transition into Cloud infrastructure and more applications are hosted on the cloud than ever this means there's going to be even more of a need to keep applications users and data within a cloud environment secure from vulnerabilities potential threats and threat actors and that is another reason why I personally believe that cloud security is going to be one of the big Niche areas that are going to be growing
• 00:30 - 01:00 in the next 5 to 10 years so yes this is one of the best times to start your career in cloud and in this video I'll be going over the entire road map for you to follow in six steps step number one learn the basics of cloud computing with free training so the three biggest cloud providers out there Azure AWS and Google Cloud platform all have free training so I would highly recommend taking advantage of this you're a beginner nowadays there's so much free content out there as well as even free Cloud credits that you can use to create your own cloud environments that you can spin up and configure on your own
• 01:00 - 01:30 without ever having to pay a fee especially if you're a student especially if you're a beginner so I would highly recommend going that route to get your hands- on training as well as of course learning the basics of cloud infrastructure and the similarities and differences between the three big cloud providers personally if you're just starting out it is typically recommended to start with at least one of the platforms so that you can get familiar with their Technologies their tools as well as different naming Frameworks that they have because it also helps if you're a little bit specialized for when you're applying to Future jobs that may be specifically an AWS shop an aure shop or the specific cloud provider that they're using so the
• 01:30 - 02:00 key here is to learn as much general knowledge about Cloud infrastructure and the technology behind it while also specializing a little bit in at least one specific Cloud platform so that you have some expertise orme knowledge I also link the free Cloud trainings from the different Cloud providers this is a really important First Step all right step number two learn cyber security foundations there's a lot of ways of doing this nowadays again a lot of material out there is free but there are also different courses different trainings that you can take personally what I would recommend if you're looking for free resources is to actually start with the comp to Security Plus
• 02:00 - 02:30 curriculum now you don't have to necessarily take the exam and and pay the exam fee but Professor Messer has a complete compo Security Plus training course and it is completely free on his website as well as on his YouTube channel it covers over 600 cyber security topics that are most commonly required for an entry-level cyber security job for a security analyst so I would highly recommend going through that list because it covers foundational topics like encryption identity access management or I am network security MFA networking threats and vulnerabilities and a lot more think of this as the
• 02:30 - 03:00 beginner crash course into cyber security so the first step was learning cloud foundations the second step is learning cyber security foundations and we're basically going to take these together and these are basically going to be your two starting posts for eventually the cloud security projects that you'll be working on which will also be covering in this video I also have a lot of videos on beginner cyber security training the Google cyber security search is another great General search if you want to lean a little bit to Red Team or blue team then for blue team let's defend is a great resource for red team hack the box or try hackme are also great resources so there's a
• 03:00 - 03:30 lot of platforms out there where you can get Hands-On training even without having cyber security work experience so definitely take advantage of it I also link a few other cybercity learning resources and courses I personally recommend Linked In My description as well I would personally spend up to 2 weeks completing at least one of their cloud training paths so you understand the basics of cloud this is going to take you up to 3 weeks just to go over the entire course but of course as with anything Ser security and Cloud are both sectors that require continuous learning so it's not just a one andone you learn the basics and you move on you're always
• 03:30 - 04:00 going to be learning new things you're always going to be keeping up with cyber security news different Trends the different threat actors the vulnerabilities that they're exploiting so on top of this I would also recommend creating your own cyber security news feed this is something that I've had since I was just in my first year working in cyber security I use a tool called Feedly and and basically you can combine all the RSS feeds of different cyber security news outlets that you're interested in and have them all in one app or one platform so you can read them basically scroll through as if they were your personally curated news feed
• 04:00 - 04:30 specifically for cyber security Feedly is a free app on the App Store so I highly recommend checking that one out and just spending 10 to 15 minutes a day scrolling through different cyber security news outlets reading the headlines understanding what attackers are doing understanding how AI is potentially impacting the threat landscape and this could also give you ideas as to what to learn next what cyber security or Cloud topic to dig into as part of your Learning Journey now on top of actually learning cloud security foundations something else you need to get familiar with are the different cyber security tools that companies actually use to stay secure on
• 04:30 - 05:00 the cloud specifically veronis veronis is a data security platform with a data Centric approach to Cloud security and a big thank you to veronis for sponsoring this portion of the video their unified data security platform offers Mission critical capabilities that seamlessly work together and is the only data security solution that finds your data fixes it and alerts you of any issues automatically so I know this sounds like a lot of buzzwords but what does this mean for a complete beginner so think of it this way back then company stored their data on their own data centers but
• 05:00 - 05:30 running your own data centers cost a lot of money takes a lot of upkeep and is not very scalable so instead the alternative is hosting your data in a cloud environment this is cheaper much faster and much more scalable and a lot of times much more secure since Cloud providers have to go through vigorous security audits to make sure that their environments are locked down and typically have a lot more security controls in place compared to the typical brick and mortar data center however of course companies still want visibility into the data their applications and that is where Veron is comes in they basically will keep track
• 05:30 - 06:00 of all your data any data 24/7 365 which makes sure that all your data is protected with minimal human effort on your end so there's no busy work for the cyber security team while businesses are deploying Genai adopting Cloud infrastructure and of course preventing cyber breaches there are security tools and platforms out there for securing endpoints for securing networks and veronis is specifically for securing your data it's quick to onboard and deploy and house reduced reporting time which eventually when you start working in cyber security you won know that this
• 06:00 - 06:30 usually takes a very long time so any tool that makes your life easier in that aspect is a huge win for the team veronis also covers all the big cloud providers in addition to other SAS and IAS providers which means no matter what cloud platform you're interested in focusing on learning about veronis how they work and how they protect data in the cloud is going to benefit you as someone who is starting out in Cloud security to also understand how to better protect data in the cloud right now you can get a free data risk assessment from bronis through the link in my description as well as full access access to the veronis SAS platform and a
• 06:30 - 07:00 dedicated incident response analyst and I also want to mention that veronis has free cyber security courses and training directly on their platform that I'll link in my description as well I think this is going to be really helpful for anyone who is starting out in Cloud security and cyber security as it cover topics like Powershell active directory cyber incident response and a lot more all right step number four get hands on setting up your own Cloud Learning environment so there are plenty of guides out there that you can use to create your own Cloud Learning lab I would personally also use AI to your
• 07:00 - 07:30 advantage this is not something that I had when I was starting out my career so if you have the tools at hand I would highly recommend it taking advantage of them and asking a tool like chat PT or Gemini to help you create a walkthrough guide for setting up your own cloud environment I also want to mention that a lot of the big cloud providers will provide you free credits to be able to spin up your own environment to get some pans on training and I'll also link a tutorial that I personally recommend Linked In My description below as well so you can follow along but this is basically going to be where you're going to be working on all of your cybercity and Cloud project projects in the future
• 07:30 - 08:00 as well as of force getting familiar with the specific tools like I mentioned in Step number one for example you may have learned about a your active directory asure devops Cosmos DB but now this is actually where you can put that textbook knowledge into play through your own cyber security projects and you're also then going to be adding these onto your resume onto your project portfolio to help buff up your resume with more relevant projects and Technical experience and skills for when you start applying to cyber security and Cloud security jobs so this is basically the formula so with that step number five is to start working on your own security projects the first one I'm
• 08:00 - 08:30 going to recommend is setting up your own identity access management tool using AWS this tool is called cloud splaining and it's an AWS IM security assessment tool that identifies validations of lease privilege and generates a risk prioritized report you can also find a really great list of different cyber security projects and tools out there that you can use through GitHub and it's a great way to get an understanding of what you can do using Cloud infrastructure as well as of course getting some Hands-On skills under your belt to be able to talk about in future interviews your goal right now is to just become a very well-rounded
• 08:30 - 09:00 Cloud security learner so that when a future interviewer asks you a question about identity access management in the cloud you can of course give them the textbook answer but you can also talk about any project that you've worked on which can include this one where you can share your experience scanning an IM am policy and checking for compliance against that policy so there's a lot of really cool ways to get experience even without actually working any cyber security role project number two is to scan your Cloud environment for a security audit Scout Suite is an open source multil Cloud security auditing tool that can provide you a security posture assessment of your Cloud
• 09:00 - 09:30 environment it uses the apis exposed by the cloud providers and gathers configuration data for manual inspection and highlights key risk areas specifically designed by security Auditors so they know exactly what they want to look for in a cloud environment scan it works on AWS Google Cloud platform Azure and other Cloud providers so I'd highly recommend checking this out they have a full guide using their command line tool and of course that link all the project guides in my description as always and it's open source so it is free to use like many of these tools are so there's really nothing blocking you from learning as much as you can in these niches but
• 09:30 - 10:00 project number three I'm going to challenge you to use gen and help you create a project guide that is actually relevant to what you're interested in if there's a specific niche in Cloud security or if you want to use a specific tool in whichever cloud provider they are using I would take this time to get a bit creative with setting up a project plan from scratch and just getting your hands dirty using some technical tools Project work can take a long time so maybe spending about one week on each project so that you can dive deeper into the different tools that you're using and now finally we are on step number six the last step on this
• 10:00 - 10:30 list and that is to create your technical project portfolio and of course updating your resume I personally use a tool called massive it's kind of like an all-in-one platform will it help you refresh and write your resume based on your previous experience but also based on the job that you're going for for example if you're interested in Cloud engineering they'll also help you apply to jobs and their AI agent will customize your resume for every job application that it sends out for you personally I highly recommend this tool if you're looking for an all-in-one platform they basically send out 200 jobs for you on a monthly basis based on the skills on your res as well as the
• 10:30 - 11:00 job title that you're actually interested in and it comes out to about a few cents per job application that they send out so it is highly worth it especially with the time that you're saving but of course there are also free Alternatives I would first outline all your projects onto your resume using strong action words as well as the key skills and tools that you've actually used in your projects then upload your resumé onto an ATS Checker which will check to make sure that your resumé passes for different AI screenings and automations that a company may be using in their ATS system so that you can at least get your resume in front of a real recruiter to get looked at this is also
• 11:00 - 11:30 where I want to mention to make sure that the skills that you're learning are relevant to the jobs that you're interested in another great way to do this is by basically reverse engineering the job search process first look at a job description for a cloud engineer or a cloud security analyst and see the skills that are listed across different employers and I would pick the top three to five skills that overlap on those lists and then pick those to start learning and going for different technical projects so you have exactly what those companies are looking for on your resume when you start applying to that same title or role all right that
• 11:30 - 12:00 is it for this video thank you guys so much for watching hopefully this video was helpful and gave you an outline road map into how to get started in learning cloud security from zero to actually starting to apply to jobs using the technical skills and hands-on experience that you get through the technical projects we cover in this video don't forget to also check out veronis and get a free cloud data risk assessment through the link in my description if this video was helpful please like And subscribe as it really does help out the channel don't forget to also stay connected on Discord and Linkedin I usually post on their daily so I would love to connect with you on there thank
• 12:00 - 12:30 you again so much for watching and hopefully I'll see you guys in my next video bye [Music]