Back to roadmap
Beginner foundation

Common Skills for Security

Core skills that support Application Security, Cloud Security, DevSecOps, pentesting, and most cybersecurity paths.

Use this plan before role-specific roadmaps. It covers where to study, what to learn, and how long to spend so you can become job-ready and interview-ready.

Total duration

19 weeks

Core baseline before deep specialization.

Linux BasicsNetworking FundamentalsProgramming FundamentalsCloud Computing FundamentalsEssential Git CommandsNetworking Matters

Skill 1

Linux Basics and Linux Commands

1-2 weeks

Become comfortable with day-to-day Linux commands, then go deeper into networking and security-focused command-line work.

Week 1: Basic Commands

  • Learn basic Linux workflow used in Kali Linux, Parrot OS, BlackArch Linux, and other security-focused systems.
  • Practice common commands: awk, cat, cd, chmod, chown, cp, curl, dig, du, df.
  • Practice common commands: echo, export, find, grep, head, history, host, ifconfig, kill, less.
  • Practice common commands: locate, ls, man, mkdir, more, mount, mv, nslookup, ping, ps.
  • Practice common commands: pwd, rm, rmdir, scp, sed, service/systemctl, sort, ssh, sudo, tail, tar.
  • Practice common commands: top, touch, uname, uniq, wget, whois, whatis, w, wc, zip.

Week 2: Security Focused Commands

  • Learn netcat, nslookup, host, dig, netstat, traceroute.
  • Learn nmap, nikto, fierce, and dirb.
  • Practice install, uninstall, update, and upgrade flows.
  • Use find, grep, and ifconfig in security investigation tasks.
  • Learn regular expression basics.
  • Start and stop services.
  • Understand /opt, /tmp, and common log server locations.
  • Run scripts written in Python, Ruby, Go, and similar languages.

Skill 2

Networking Fundamentals

2-4 weeks

Most security professionals need basic to intermediate computer networking knowledge to work well in their domain.

Week 3-4: Core Concepts

  • IPv4, IPv6, CIDR, IP addressing, and subnetting.
  • Public vs private IPs and TCP/IP model.
  • DMZs and Zero Trust Networks.
  • Common ports and protocols such as 22, 25, SSH, HTTPS, and related services.
  • Common cryptographic modules and functions.
  • How DNS works and how SSL works.

Week 5-6: Network Security

  • Common network threats.
  • Man-in-the-middle attacks and network sniffing.
  • TCP attacks.
  • DoS and DDoS attacks plus prevention ideas.
  • Firewalls and software-defined networks.
  • Basic troubleshooting for slow internet, internet outage, Wi-Fi problems, and open network issues.

Skill 3

Programming Skills

4-8 weeks

Security roles increasingly expect decent knowledge of at least one programming language. Python is recommended; Go and Ruby are also useful.

Week 7-10: Basics and Projects

  • Learn basic programming concepts.
  • Build a small project that connects to a database and fetches data.
  • Extract data from a webpage.
  • Display cloud information such as AWS instance details region-wise.
  • Automate security tasks such as Docker monitoring, public IP discovery, and server detail collection.
  • Work with CSV and JSON data.
  • Use crypto modules.
  • Simulate a few Linux or security commands, such as a small nmap-style scanner.

Week 11-14: Security Focus

  • Understand OOP concepts.
  • Become comfortable reading other people's code.
  • Review source code from a security perspective.
  • Read Python security best practices.

Skill 4

Cloud Computing

3-4 weeks

Learn a major cloud provider such as AWS, Azure, or GCP, then study the security challenges introduced by cloud models.

Week 15-18: Cloud Fundamentals

  • Understand how cloud solves traditional infrastructure challenges.
  • Understand new security challenges created by cloud computing.
  • Learn service models and deployment models.
  • Understand shared security responsibility.
  • Learn microservices concepts.
  • Understand IAM deeply.
  • Learn data encryption concepts.
  • Study cloud networking because it is critical for cloud security.

Related plans

IAM Security Study PlanAWS Security Study PlanAzure Security Study PlanGCP Security Study Plan

Books

Cloud Computing for Dummies
AWS in Action

Skill 5

Git Commands

1 week

Use terminal Git instead of relying only on GUI tools. Many security roles expect basic version-control comfort.

Week 19: Git Basics

  • Learn git clone, git add, git commit, git branch, and git pull.
  • Learn git fetch, git merge, git push, git config, and git log.
  • Understand why Git matters for Application Security, Pentesting, DevSecOps, API Security, and Security Engineering roles.

Networking Matters

Once fundamentals are moving, build career momentum with people, writing, and community work.

Make good LinkedIn contacts from the application security domain.
Find a mentor or follow people who share blogs, tutorials, and talks.
Build connections through online and offline security conferences.
Publish AppSec articles, even if they cover basic concepts.
Join webinars, conferences, and newsletters.
Help beginners or people struggling with AppSec concepts. Teaching improves your own learning.