Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Intermediate · modules
Modules tagged Intermediate. Use the sidebar to narrow by track or topic.
Input Validation and Output Encoding — Universal Defences
Why this module exists. The single highest-leverage developer education is the principle “structure separates code from data.” Input validation and output encoding operationalise that principle. This module is the practitioner’s reference. The principle — structure separates code from data: Injection vulnerabilities exist because data is interpreted as code by some downstream parser — SQL parser, […]
Vendor Audits — Conducting and Surviving Them
Why this module exists. Enterprise customers increasingly conduct annual security audits of their critical vendors. Done well by both parties, this is efficient and effective. Done badly, it consumes hundreds of hours and produces no real assurance. This module covers what works. Being audited — the customer-driven audit: The typical customer audit pattern for SaaS […]
RBI / SEBI / IRDAI Cyber Audit — Indian Regulator Patterns
Why this module exists. Indian regulated entities are audited by their sector regulator (RBI, SEBI, IRDAI, TRAI, etc.) on a different cadence and framework than ISO 27001 or SOC 2. Treating these as the same as international audits leads to surprise findings. This module covers what differs. The regulators and their cyber audit programmes: Regulator […]
SOC 2 Audit Preparation — Type I to Type II
Why this module exists. Most Indian SaaS companies aim for SOC 2 because their customers demand it. The discipline differs materially from ISO 27001 — different framework, different cadence, different auditor expectations. This module is the practitioner navigation. The fundamentals: SOC 2 = Service Organization Controls 2. AICPA-defined framework. Auditor is a licensed CPA firm. […]
ISO 27001 Internal Audit — Pre-Certification Readiness
Why this module exists. ISO 27001:2022 has 93 Annex A controls grouped into four themes. The internal audit verifies these are implemented and effective. Done well, certification follows mechanically; done poorly, certification fails or extends. This module covers what works. The internal audit programme structure: ISO 27001 requires internal audit at planned intervals. Practitioner cadence: […]
Threat Modelling at the Architecture Stage
Why this module exists. Threat modelling is referenced in every security architecture guide and practised by few engineering teams. The reason: it sounds like a workshop without a clear deliverable. This module makes the deliverable concrete. What threat modelling produces: A documented list of threats relevant to the system being built. For each threat: the […]
Crisis Communications During an Incident
Why this module exists. The technical incident response succeeds or fails on operations; the public perception of the incident succeeds or fails on communications. The two need parallel investment. The five communication audiences (Audience | Concern | Owner): Customers | “Am I affected? Should I act?” | Communications + Customer Service; Regulators | Statutory notification + cooperation | Legal + CISO […]
Backup Strategy — 3-2-1-1-0 and Ransomware-Resilient Architecture
Why this module exists. A backup that fails to restore is worse than no backup — it costs effort to maintain and provides false assurance. This module covers what to back up, how to store it so attackers cannot destroy it, and how to verify it works. The 3-2-1 rule — the baseline: The classic […]
Recovery Testing — Tabletop, Functional, Full Failover
Why this module exists. Indian enterprises that test their DR architecture annually consistently outperform those that test it on the day of incident. The difference is operational muscle memory. This module covers building it. The four testing tiers (Tier | Disruption | What it tests): Tabletop | None | Plan logic, role clarity, decision-making; Walk-through | None | Detailed step verification […]
Business Impact Analysis — Deriving RTO and RPO
Why this module exists. BIA produces the answer to the most important BCDR question: “what does it cost the business if this system is down?” Without that answer, you cannot prioritise recovery, size investments, or set recovery objectives. This module is the BIA practitioner workflow. What BIA produces: For each business function and supporting IT […]
Practitioners who've shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.