Cybersecurity, learned like a practitioner.

24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.

24
Learning paths
398+
Live modules
0
You've completed
Free
Your tier
Browse the academy

Beginner · modules

Modules tagged Beginner. Use the sidebar to narrow by track or topic.

45 results · Page 2/5
Filtering: Level: Beginner × Clear all →
Google Cloud Platform Beginner Free

GCP Organisation Hierarchy

GCP’s hierarchy is the foundation of multi-project security. Levels Organisation — top; tied to your Google Workspace / Cloud Identity domain Folders — group projects (by environment, business unit) Projects — workload boundary; resources live here Resources — buckets, instances, etc. IAM inheritance Roles granted at higher levels apply to all child resources. Org-level Owner […]

Apr 27, 2026 15 min Open
Google Cloud Platform Beginner Free

Google Secret Manager

GCP’s native secrets store. Simpler than Vault; sufficient for most. Features Versioned secrets (latest, specific version) IAM-scoped access Replication policies (auto / user-managed) Cloud KMS encryption Audit log per access Secret Manager Notifications for rotation triggers Pattern gcloud secrets create my-secret --replication-policy=automatic gcloud secrets versions add my-secret --data-file=./secret.txt # In application from google.cloud import secretmanager […]

Apr 27, 2026 15 min Open
GRC, ISO 27001 & SOC 2 Beginner Free

Security Awareness Training

Annual click-through training is theatre. Modern awareness is continuous, simulated, measured. The programme Onboarding — security 101 within first week Quarterly refresh — short, role-specific Phishing simulation — monthly Just-in-time — real incident → relevant training Specialised tracks — engineers, finance, executives have role-specific content Tools KnowBe4 — most-used; large content library Cofense — phishing-focused […]

Apr 27, 2026 15 min Open
Cyber Threat Intelligence Beginner Free

The Pyramid of Pain

Covered briefly in Blue Team Module 6. This is the deeper dive. The pyramid Hash values — recompile, hash changes IPs — rotate infrastructure Domains — register new Network/host artefacts — User-Agent, registry keys Tools — Cobalt Strike, Mimikatz TTPs — tactics, techniques, procedures Top of pyramid = harder for attacker to change. Operational implication […]

Apr 27, 2026 15 min Open
Ethical Hacking Tools Beginner Free

OSINT & External Recon

Recon is the cheapest, highest-yield phase of any engagement. Tools that pay back the time investment. Subdomain enumeration # Passive (no traffic to target) subfinder -d target.com -all -silent amass enum -passive -d target.com crt.sh search ("%.target.com") # Active (more thorough) amass enum -active -d target.com ffuf -w subdomains.txt -u https://FUZZ.target.com Search engines for hackers […]

Apr 27, 2026 20 min Open
DevSecOps Beginner Free

Pre-Commit Hooks for Security

Why this module. The cheapest security check is the one that runs on the developer’s laptop before code ever reaches CI. Pre-commit hooks catch ~60% of mistakes for ~5% of the operational cost of equivalent CI checks. What runs in pre-commit Linting + format — Ruff, Black, ESLint, Prettier. Reduces diff noise. Type checking — […]

Apr 27, 2026 20 min Open
DevSecOps Beginner Free

Secret Scanning in Code Repos

Why this module. Engineers commit secrets. AWS keys, API tokens, database passwords end up in Git, often in .env.example files that were supposed to have placeholders. Once committed, secrets stay in Git history forever — and within minutes attackers find them via GitHub search. The tool stack git-secrets / detect-secrets / Gitleaks / TruffleHog — […]

Apr 27, 2026 20 min Open
Networking Beginner Free

NAT, PAT, and the IPv4 Internet’s Duct Tape

Network Address Translation maps private IPv4 addresses to public ones, allowing many devices to share a single public IP. PAT (Port Address Translation, often called NAPT or "NAT overload") is the variant most home routers and enterprise edges use. NAT is the duct-tape that kept

Apr 27, 2026 60 min Open
Beginner Members

Social Engineering Defence

Phishing, vishing, smishing, BEC, deepfake voice/video, MFA fatigue — modern social engineering and the layered defence programme: tooling, training, simulation, executive protection.

Apr 26, 2026 60 min Open
GRC, ISO 27001 & SOC 2 Beginner Members

Security Policy Architecture — A Working Hierarchy

The four-tier policy hierarchy (charter, policies, standards, procedures), the minimum 17-policy set for Indian mid-market organisations, how to write policies people actually follow, exception management, and the realistic review cadence.

Apr 25, 2026 60 min Open
02 / Why learn here

Practitioners who've
shipped the controls.

Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.

Why learn here

01

Practitioner-written.

Each lesson is authored by someone who has shipped the control or run the engagement in production.

02

Quiz after every module.

20+ questions with explanations. 70%+ to mark complete. Unlimited retries.

03

Progress tracked.

Completions, scores and streaks saved automatically. Resume exactly where you left off.

04

India-priced.

Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.

Pick a path, get to work.

Browse all 398 modules View skill map