Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Networking · modules
OSI layers, TCP/IP, subnetting, packet analysis — the foundation of every security skill.
Module 23 · Mutual TLS and Service Identity at the Network Layer
What mTLS provides Each side of the connection presents a certificate. Both verify the other’s certificate against trust chain. Traffic encrypted with negotiated keys. Identity bound cryptographically to the endpoint. This eliminates network-position-based trust: “you’re inside the firewall, so I trust you” becomes “you have a valid certificate from our CA, so I trust you.” […]
Module 24 · Network Forensics — PCAP, NetFlow, Zeek
The network-forensics evidence layers Layer What it shows Full PCAP Every byte of every packet NetFlow / IPFIX / sFlow Conversation summaries (src, dst, bytes, duration) Zeek / Bro logs Protocol-decoded conversation logs DNS / Proxy logs Application-layer name resolution / web access Firewall logs Connection accept / deny events Each layer trades storage for […]
Module 22 · IPv6 Security in Modern Networks
The IPv6 attack surface The single most common Indian enterprise issue: IPv6 enabled on endpoints / VMs by default, no explicit IPv6 security controls. Dual-stack hosts get IPv6 addresses, IPv4 firewalls don’t see the traffic, attack-paths become invisible. The recurring IPv6-specific issues Link-local addresses: every host has fe80::/10. No DHCP needed; auto-configuration via SLAAC. Attacker […]
Module 20 · SD-WAN and SASE Architecture
The traditional WAN vs SD-WAN Traditional SD-WAN MPLS private circuits Internet underlay with overlay tunnels All branches → HQ → internet Local internet break-out at branches Static routing Dynamic policy-driven path selection High cost per Mbps Internet-economics pricing SASE — the convergence SASE = SD-WAN + cloud-delivered security stack: SWG (Secure Web Gateway): web traffic […]
Network Forensics — Reading Captures Like a Detective
Network forensics is the art of reconstructing what happened from packets and flow logs after the fact. This module is the practitioner walk-through: chain of custody, the evidence stack (PCAP + Zeek + flow + endpoint), the workflow for a compromise investigation, the most useful
BGP Security and RPKI — How the Internet Trusts Itself, and Why It Sometimes Should Not
BGP is the routing protocol of the Internet — every ISP, hyperscaler, and large enterprise speaks it. It assumes good behaviour by every participant; that assumption fails several times a year, and we get prefix hijacks, route leaks, and accidental outages. RPKI cryptographically
IPv6 Security — Why You Already Have IPv6 Even If You Did Not Notice
IPv6 is on by default in every modern operating system. If you only configured IPv4 ACLs, half your network is unprotected. This module covers IPv6 addressing (link-local, ULA, GUA), Stateless Address Auto-Configuration (SLAAC), Neighbor Discovery (the ARP replacement and its att
Practitioners who've
shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.