Track · HS Academy

Cloud security fundamentals

A ten-lesson grounding in the cloud-specific security skills every security and engineering team needs. Practical, vendor-neutral, focused on the failure patterns we keep seeing in the wild.

HorizonShield course detail path with lesson sequence and SOC training progression
Course detail and lesson counts are pulled from the live Academy CMS.
10
Lessons
1.4h
Total time
beginner
Level
Read or watch
Format
  1. 01
    Why cloud security is a different game
    Cloud security is not a new flavor of network security — it is a different model with different failure shapes. This lesson sets the frame for everything that follows.
    beginner8 minFree preview
  2. 02
    The shared responsibility model in plain language
    Every cloud provider publishes a "shared responsibility model" diagram. It is the most important thing they publish and the most often misread.
    beginner7 min
  3. 03
    Identity is the new perimeter
    In the cloud, the firewall is replaced by identity. If an attacker has a valid token with the right scope, the network controls do not save you. This is why identity hygiene now sits where firewall rules used to.
    beginner9 min
  4. 04
    Network segmentation in cloud-native environments
    Cloud networks behave differently from on-prem networks. The defaults are usually open within an account and closed to the public internet — the opposite of where most on-prem networks land. That cuts both ways.
    beginner8 min
  5. 05
    Encryption — what is automatic and what isn't
    Cloud providers will tell you encryption is on by default. They are technically correct. They will not tell you which threat model that default actually defends against.
    beginner7 min
  6. 06
    Cloud-native logging and monitoring foundations
    The good news about logging in the cloud: every API call, every console action, every resource change can be logged. The bad news: by default many of those logs are not retained, not centralized, and not parsed.
    beginner8 min
  7. 07
    Misconfiguration is the most common breach vector
    We have read or written the postmortems for hundreds of cloud breaches. The single most common root cause is not a sophisticated attack. It is a misconfiguration that lived in production long enough for someone to find it.
    beginner9 min
  8. 08
    Container and serverless security basics
    Containers and serverless functions are not magic. They have their own security profile, and their own classes of failure.
    beginner9 min
  9. 09
    Building a cloud incident response playbook
    An incident response plan you have not rehearsed is a plan you do not have. This lesson walks through the structure of a workable cloud incident response playbook.
    beginner9 min
  10. 10
    Continuous compliance — drift, evidence, and audit
    Compliance in the cloud is not a checklist you complete once a year. It is a continuous practice with three pillars: prevent drift, gather evidence automatically, and stay ready for audit.
    beginner8 min
← All tracksPractice on a real workspace →