Step-by-step path
- Pick AWS, Azure, or GCP first
- IAM, logging, storage, and network controls
- Threat model and harden a small cloud app
- Build a portfolio artifact and publish a short writeup.
Protect AWS, Azure, GCP, containers, identity, and cloud workloads. Pick one cloud, learn IAM deeply, then move into detection and architecture.