# Product Security Ramp-Up Tracks > **Intro:** New people do not need a random reading pile. They need a path that builds judgment in an order that makes sense for the role. > > **What this page includes** > > * 30-day and 90-day learning ideas > * different tracks for engineers, platform specialists, and managers > * how to mix reading, review, and labs > * how to know the learner is progressing ## Example tracks ### Product Security engineer, first 30 days 1. threat modeling basics and API security; 2. CI/CD trust boundaries and secret scanning; 3. cloud identity and workload federation; 4. runtime investigation basics and one tabletop. ### Platform security engineer, first 30 days 1. runner isolation, OIDC, and deployment trust; 2. Terraform and policy-as-code pages; 3. Kubernetes baseline and runtime investigation; 4. provider-specific attack chains. ### Product Security manager, first 60-90 days 1. operating model, metrics, and exception governance; 2. architecture review and threat modeling; 3. incident playbooks and detection engineering basics; 4. stakeholder communication and roadmap planning. ## Progress signals Learners should be able to: * review a design and identify trust boundaries; * explain why a machine identity is risky; * spot one or two real release-gate gaps; * walk through the first 15 minutes of a product incident. ## Related pages * [Reading Paths](/appendices-assets-and-reusable-artifacts/reading-paths.md) *** *Author attribution: Ivan Piskunov, 2026 - Educational and defensive-engineering use.* ## Additional guided lab tracks * [Mobile Security Lab Track — NowSecure, iOS, and Android Learning Flow](/learning-labs-interview-and-templates/index-2/mobile-security-lab-track-nowsecure-ios-and-android.md) * [API Definition Conformance Lab — OpenAPI, Contract Linting, AuthZ Checks, and CI Validation](/learning-labs-interview-and-templates/index-2/api-definition-conformance-lab-openapi.md) * [Cloud Compliance Scan Lab — Scan → Triage → Fix → Codify](/learning-labs-interview-and-templates/index-2/cloud-compliance-scan-lab-scan-triage-fix-codify.md) * [Containment and Eradication Automation Lab](/learning-labs-interview-and-templates/index-2/containment-and-eradication-automation-lab.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.product-security.expert/learning-labs-interview-and-templates/index-2/product-security-ramp-up-tracks.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.