Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
DevSecOps · modules
Security in the SDLC. SAST/DAST/SCA, IaC, CI/CD hardening, and software supply chain.
Module 11 · SLSA Levels & Build Provenance
Why this module. 2020 SolarWinds taught the industry that “we trust our build pipeline” is no longer enough. SLSA (Supply-chain Levels for Software Artifacts) is Google’s framework for hardening builds against supply-chain attacks. By 2026, several Indian regulated entities have begun requiring SLSA L2+ attestations from vendors. The four SLSA levels Level What’s required Roughly […]
Module 4 · CI/CD Pipeline Hardening
Pipeline attack surface: config injection, pwn-requests, unpinned actions, OIDC trust policies, ephemeral runners, signing.
Module 5 · Supply Chain Security (SBOM, SLSA, Signing)
SBOM generation with Syft, SLSA provenance levels, Cosign keyless signing, dependency pinning, and 2026 regulatory crib sheet.
Practitioners who've
shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.