Securing the Skies: A Journey in AWS Cloud Security and Beyond
Hey there!!👋
I’m Harshit, a regular guy with an insatiable passion for cybersecurity. My journey into the world of Cloud Security began during a holiday break after my 5th semester exams, when I stumbled upon articles discussing the emergence of cloud technology in this tech-driven era. Intrigued by the potential of cloud security, I decided to dive deeper and expand my skills beyond web application security and CTF challenges.
Early Beginnings: My Introduction to AWS Cloud Security
Initially, I embarked on my cloud security journey by immersing myself in a plethora of resources. I delved into countless YouTube videos, engaging in discussions with ChatGPT to grasp an overview of cloud concepts and cloud security. I tried every major cloud service provider and after some exploration, I gravitated towards Amazon Web Service (AWS) due to its dominance in the market and its intriguing offerings and services.
My learning journey took flight with Edureka’s 10-hour course on “AWS tutorial for Beginners” (edureka), where I took copious notes and thoroughly absorbed the intricacies of AWS architecture solutions. This laid a robust foundation for my subsequent endeavors. I continued my education through various content creators such as Behrouz Sadeghipour (Nahamsec), Network Chuck, Fireship, Tech with Lucy, and Abhishek Veeramalla, absorbing their invaluable insights.
Lessons Learned: Key Takeaways in AWS Cloud Security
As I progressed, I realized the importance of complementary tools like Docker and Terraform and surely AWS CLI in the cloud security domain. Special thanks to TechWorld with Nana and DevOps Directive for providing exceptional content that facilitated my learning process.
Even though with some troubleshooting hurdles along the way, embracing the mantra “the more you fail, the more you learn,” I overcame obstacles with the help of online resources and, of course, ChatGPT’s guidance.
Where do I Stand Now?
Since, I was eager to put my newfound skills to the test, I embarked on a project utilizing AWS, Terraform, and Docker, which provided hands-on experience and solidified my understanding. For which I completed a project on utilizing these skills…
Book I’m Currently Exploring
Further refining my skills, I delved into the insightful book “Hands-on AWS Penetration Testing with Kali Linux” by Karl Gilbert and Benjamin Caudill.
Day-to-day regimen:
A pivotal moment in my journey was the discovery of the cloud security section on the HackTricks website, particularly CloudGoat, a captivating tool developed by Rhino Security. CloudGoat is such a great tool that helping me now-a-days to improve my skill in aws cloud security and they also provide option to destroy scenario to avoid any overusing of services and bills and they also include walkthroughs that also helps me a lot… till now I had solved 6 scenarios and soon i would complete all and here thanks to linkedin learning and Tyler Ramsbey with whom I spending my time too much everyday in solving scenario. And some other AWS CTFs provided by pwnedlabs.io, flaws.cloud, flaws2.cloud and reading books and article (Chris Farris).
Reflecting on my journey, I can’t forget the unintentional billing mishap I encountered with AWS services in January and February. However, thanks to the exemplary support from AWS customer service, the issue was swiftly resolved, underscoring the importance of reliable customer support in cloud services.
AWS Certification (in progress)
Looking ahead, I’m setting my sights on AWS certifications, particularly the AWS Certified Security — Specialty Certification. I recently completed a comprehensive Udemy course on this certification, which broadened my understanding of AWS security intricacies. Despite the cost associated with this specialty-level certification, I felt confident in my mastery of the required skills.
The Udemy course, AWS Certified Security Specialty 2022, proved to be an invaluable resource in my journey. It covered a vast area of AWS security, delving into topics that I can’t fully mention in this blog post. However, it provided me with a solid foundation that I plan to leverage in my future endeavors. For those who are resourceful, you can also find this course for free if you know to dive deep in internet.
Future Goals: The Path Ahead🎯
Looking forward, I am eager to apply all the skills I’ve acquired to real-world industrial and hands-on projects, showcasing my expertise. Obtaining the AWS Certified Security-Certification is one of my primary goals, alongside platforms like TryHackMe for their “Attacking and Defending AWS” and “DevSecOps” modules, allowing me to further refine my skills and stay updated in the ever-evolving cloud world.
For now, my focus remains on engaging in projects, honing my skills through platforms like CloudGoat, and practicing extensively. Additionally, I am exploring freelance opportunities and actively seeking internships to gain practical experience and further enhance my proficiency in AWS cloud security.
As I navigate through this cyber ocean of information, I’m reminded of the quote,
“Cyberspace is an ocean of information where the diligent diver can uncover treasures beyond imagination.”
Join me as I continue to explore and uncover the treasures of cloud security!
If you enjoy my posts and find them helpful, consider buying me a coffee! Your support helps me earn relevant certifications and continue sharing valuable insights. Buy Me a Coffee
Connect to me, if you have any query, want to share or suggest me anything, here’s my Portfolio or dm me on LinkedIn.
Stay tuned and follow me for more chapters of my odyssey, my projects, cybersec stories, and write-ups and also thank you for being part of my story! 🚀
