Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Advanced · modules
Modules tagged Advanced.
Zero Standing Privilege and Just-in-Time Access
The principle. Traditional model: 100 admins, each with persistent admin rights. Attacker compromise of any admin = persistent privileged access. Insider threat = persistent abuse capability. Zero standing privilege: 100 named eligible admins, 0 hold standing privilege. Elevation granted on request, time-bounded, audited. Attacker compromise of an admin = no standing access to abuse. Insider […]
Customer Identity (CIAM) — Scale, Fraud, KYC
CIAM vs workforce IAM — the differences.
Dimension | Workforce IAM | CIAM
Scale | Thousands | Millions to hundreds of millions
Onboarding | HR-provisioned | Self-service registration
MFA tolerance | Mandatory; users accept | UX-sensitive; abandonment risk
Account recovery | Help-desk-mediated | Self-service required
Risk posture | Trusted users; insider risk | Account takeover, fraud, abuse
Identity proofing | In-person at HR | Online; KYC for regulated CIAM […]
Privileged Access Management — PAM Architecture and Operations
What privileged accounts cover. Domain Admin / Enterprise Admin (Windows AD). Root / sudo on Linux servers. Database admin (DBA) for production databases. Cloud root accounts and cloud admin IAM roles. Network device admin (firewall, switch, router). SaaS admin accounts (Okta admin, Workspace super-admin). Application admin accounts (Veeam, vCenter, etc.). Inventory these. The list is […]
Data Masking, Tokenisation, Pseudonymisation
Why this module exists. “Use real production data in development” is the line that produces audit findings and breaches. The alternatives — masking, tokenisation, pseudonymisation, synthetic data — each have tradeoffs. This module is the practitioner reference.
The four techniques compared.
Technique | Reversible? | Use cases
Static masking | No | Test / dev datasets; analytical exports
Dynamic […]
Privacy Engineering Beyond Compliance
Why this module exists. “Privacy by design” is a phrase in every privacy framework and a practice in few organisations. The shift from “comply at audit time” to “design for privacy upfront” is what distinguishes mature programmes. This module covers the design patterns. The seven principles (Cavoukian). Proactive not reactive; preventative not remedial. Privacy as […]
Encryption Strategy — At Rest, In Transit, In Use
Why this module exists. “We encrypt everything” usually means “we encrypt some things at some layer, with key management we haven’t audited.” This module is the structured framework for an encryption strategy that survives both audit and operational reality.
The three layers.
Layer | Protects against | Primitives
At rest | Stolen disk, exfiltrated backup, lost laptop | AES-256 […]
Application-Level Cryptography — Avoiding the Common Mistakes
Why this module exists. Cryptographic primitives have safe defaults that produce safe outcomes if used correctly. Developers who deviate — even with good intentions — introduce subtle but catastrophic bugs. This module is the practitioner safety pattern. The cardinal rule — use high-level APIs. Cryptographic library design has converged on high-level APIs that hide the […]
Continuous Control Testing and Automation
Why this module exists. Manual quarterly access reviews break the moment the security team is busy with anything else. Continuous control testing — automated evidence collection — solves this for the controls that can be automated. This module is the operational pattern.
Which controls automate well.
Control class | Automation
Configuration settings | High — cloud APIs, […]
Cloud-Native Security Architecture — Kubernetes, Service Mesh, Serverless
Why this module exists. Cloud-native architecture moves so much of the trust boundary into automation that the security architecture must shift correspondingly. This module is the cloud-native-specific architectural reference. The cloud-native trust model. Three observations that drive cloud-native security architecture: Workloads are ephemeral — pods come and go in seconds. Static-IP-based controls do not apply. […]
Service Mesh Security — Istio, Linkerd, mTLS-Everywhere
Why this module exists. Microservices security cannot be solved at the firewall — there are too many internal calls, the topology changes constantly, and “inside the network” is too permissive. Service meshes are how mature programmes address this. This module is the practitioner pattern. What a service mesh does. A service mesh deploys a sidecar […]
Practitioners who've shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.