Securing Cloud-based Applications Learning Path

In this path, you will explore security for cloud-based applications. This includes a look at cloud attack vectors and remediations, a look at training and the use of third-party tools.

5 hours, 8 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    5 hours, 8 minutes

  • Assessment


About Securing Cloud-based Applications

In this path, you will learn how to effectively secure your cloud-based applications while protecting them across all attack vectors. You will also learn how to properly train your developers to create applications that are secured by default. One final takeaway will be getting hands-on experience with a few open-source tools that can help you secure your cloud-based applications.



Securing cloud-based applications Skill Assessment

Assessment - 24 questions

Securing cloud-based applications overview

Course - 00:05:00

In this course, we will be going over an introduction to what you will be learning in this learning path. We will review each of the six courses and touch on what the project will be. This path is designed for developers, security engineers, security architects and anyone at an intermediate level looking to broaden their skills.
Training & awareness

Course - 00:18:00

In this course, we will discuss how to effectively train and bring awareness to app security in the cloud. Training is critical in ensuring you are building secure cloud apps. In this course, we will dive into this importance and key areas that should be addressed in the training.
Cloud attack vectors and remediations (knowing is half the battle, doing is the other!)

Course - 00:42:00

In this section, we will learn common attack vectors and how to remediate these issues. Knowing your own attack vectors is the first key in providing any level of security for an application. You cannot secure what you don’t know is there. This course will dive into the various attack vectors that are unique to the cloud and how to address each of these attack vectors to build the most secure app that you can.
Secure by design (let's build a program)

Course - 00:53:00

In this course, we will walk through what it means to be secure by design. This starts with the SDLC. If we do not begin with security we do not end with security. Building your application with security built in will lay the groundwork required to have a secure app with a long life. We also review three key areas that must be thought through and designed for when building the application: IAM, encryption and compliance.
Comparing Azure and AWS

Course - 00:31:00

In this section, we are going to dive into Azure and AWS. We will review similarities as well as differences in the offering they have to help make our applications secure. Every cloud provider has different security offerings, and it will be critical that you know what they are and how to properly configure them. We will also go over the key features of these different services and point out areas where they lack. This information will be critical in ensuring you have the full capabilities to secure your applications.
Third-party tools

Course - 02:29:00

In this section, we will review the open-source solution called ScoutSuite and walk through how it can be used to benefit you in securing your cloud environment. It is always a good idea to have knowledge of third-party, open-source solutions that can potentially help you secure your environment. In this course, we go over the various steps that may be included to ensure you have a successful project.

Meet the author

Joseph South

Joe South has been working in cybersecurity for over six years and has worked at companies of all sizes across multiple industries. Joe is currently in a role where he is empowered to introduce new and innovative solutions to increase the security posture of his organization. He enjoys teaching others what he's learned and is the creator of a blog where he helps others get into cybersecurity and build a successful career. He also provides in-depth reviews of his certifications and shares tips to successfully pass the exams.

Joe started his career on the help desk of his college where he fell in love with IT. Eager to learn more, he earned his Security+ certification and began a career in cybersecurity. He started in vulnerability management, where he worked to secure applications that served military and Department of Defense clients. He later expanded his skillset by diving into complex identity and access management (IAM) toolsets where he designed solutions for Fortune 500 companies across HIPAA, PCI and financial industries. He also architected solutions for companies to move into AWS, Azure and GCP while maintaining or increasing their security posture. Joe has his CCSP, AWS Security Specialty and AWS CCP certification, among others.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo