Cybersecurity, learned like a practitioner.

24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.

24
Learning paths
398+
Live modules
0
You've completed
Free
Your tier
Browse the academy

Advanced · modules

Modules tagged Advanced. Use the sidebar to narrow by track or topic.

187 results · Page 11/19
Filtering: Level: Advanced × Clear all →
DPDP Compliance Practitioner Advanced Free

DPIA — Data Protection Impact Assessment Under DPDP

Why this module exists. §10(2)(c) requires Significant Data Fiduciaries (SDFs) to conduct DPIAs. The Rules (when published) will likely extend DPIA expectations to high-risk processing by all Data Fiduciaries. Most Indian businesses have never done one. The methodology is more practical than the legal text suggests. What a DPIA is A structured assessment of a […]

Apr 27, 2026 35 min Open
Cloud Security Practitioner Advanced Free

Azure RBAC & Privilege Escalation Paths

Why this module exists. Azure has two parallel permission systems — RBAC for management plane (resources), Entra ID roles for identity plane. Most engineers treat them as one. Attackers know they’re separate, and the mismatched grants are where privilege escalation lives. The two-plane model Management plane (Azure RBAC). Who can create / read / modify […]

Apr 27, 2026 35 min Open
Cloud Security Practitioner Advanced Free

GCP IAM & Workload Identity Federation

Why this module exists. Every Indian SaaS that adopted GCP after 2022 inherited an IAM model fundamentally different from AWS. The pieces look similar — IAM, service accounts, roles — but the wiring is different and the attack paths are different. If you bring AWS muscle memory to GCP, you’ll either over-permission everything or miss […]

Apr 27, 2026 35 min Open
Cloud Security Practitioner Advanced Free

Service Mesh Security — Istio, Linkerd, mTLS

Why this module exists. “We added Istio and now we have zero trust.” No, you don’t. Service mesh adds powerful primitives — mTLS, identity-aware authorization — but most installations use ~20% of those primitives. The remaining 80% is where attacks live. What service mesh actually does An Envoy / Linkerd-proxy sidecar intercepts every request entering […]

Apr 27, 2026 30 min Open
Cloud Security Practitioner Advanced Free

Multi-Cloud Identity Federation Attack Surface

Why this module exists. Indian enterprises in 2026 are multi-cloud. Workloads on AWS, identity in Entra ID, data lakes in GCP, kubernetes on multiple clouds. Each integration uses identity federation — and each federation is a trust boundary that attackers can pivot across. The bugs that matter are at the seams between clouds, not within […]

Apr 27, 2026 35 min Open
Cloud Security Practitioner Advanced Free

Container Escape — From Pod to Node

Why this module exists. Containers are isolation, not security. The Linux kernel boundary between container and host has historically had escape paths every 6-18 months. Most enterprises run Kubernetes with Pod Security policies set to “permissive” because it’s the default. Every red team checks for container-escape primitives first. What “container escape” means A process inside […]

Apr 27, 2026 35 min Open
Active Directory Security Advanced Free

Read-Only Domain Controllers (RODCs) — Attack & Defence

Why this module exists. RODCs were Microsoft’s 2008 answer to “we need a DC at a branch office, but the branch office has no physical security.” The model: cache only specific user passwords; if the RODC is stolen, only those users’ hashes are exposed. The reality: misconfigured RODCs cache more than admins realise, and compromised […]

Apr 27, 2026 30 min Open
Active Directory Security Advanced Free

AD Tier-0 Hardening — The Defender’s Playbook

Why this module exists. Most AD breaches succeed because Domain Admin credentials end up exposed on workstations or member servers. Microsoft’s Tiered Administration Model (originally “Securing Privileged Access” / “Enterprise Access Model”) is the structural fix. It’s well-documented and rarely implemented in full. This module is the practical playbook. The model Three tiers, in increasing […]

Apr 27, 2026 40 min Open
Active Directory Security Advanced Free

Group Policy Object (GPO) Abuse

Why this module exists. Group Policy was designed in 2000 to centralise Windows administration. It’s still the primary configuration mechanism for AD-joined hosts in 2026. Attackers learned its weaknesses long ago; defenders mostly still don’t audit GPO ACLs. Three flavours of GPO abuse pay off in nearly every internal pentest. The GPP cpassword bug — […]

Apr 27, 2026 30 min Open
Active Directory Security Advanced Free

Azure AD / Entra ID Attack Surface

Why this module exists. Indian enterprises moved their identity to Microsoft 365 / Entra ID (formerly Azure AD) in waves between 2019 and 2024. Attackers followed. The 2023-25 surge in token-theft and consent-phishing attacks is now the dominant initial-access technique against Microsoft-shop enterprises. Different concepts, different tools, different defenders. How Entra ID is different from […]

Apr 27, 2026 35 min Open
02 / Why learn here

Practitioners who've
shipped the controls.

Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.

Why learn here

01

Practitioner-written.

Each lesson is authored by someone who has shipped the control or run the engagement in production.

02

Quiz after every module.

20+ questions with explanations. 70%+ to mark complete. Unlimited retries.

03

Progress tracked.

Completions, scores and streaks saved automatically. Resume exactly where you left off.

04

India-priced.

Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.

Pick a path, get to work.

Browse all 398 modules View skill map