Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Intermediate · modules
Modules tagged Intermediate. Use the sidebar to narrow by track or topic.
EDR Fundamentals
EDR telemetry, process lineage, response actions, vendor landscape, and the live-response triage sequence.
Detection Engineering with Sigma
Sigma rule anatomy, the two mistakes beginners make, tuning workflow, and detection-as-code in Git.
SIEM Fundamentals
SIEM architecture, log pipeline, parsing and normalization, retention tiering, and vendor landscape for 2026.
Incident Response Playbook
An incident response (IR) playbook is the written plan your team executes when things go wrong. Not the feature of a tool, not an idea, not a slide deck — a concrete document that says “when X happens, do Y, then Z, with owner A accountable.” This module covers playbook structure, the core playbooks every […]
Threat Hunting Workflow
Threat hunting is proactive — actively searching for adversary activity that automated detection missed. Unlike SOC triage (reactive, works from alerts), hunting starts with a hypothesis and tests it against available data. This module covers the workflow, the hypothesis-driven method, and practical queries to start hunting tonight. Why hunt Automated detections catch KNOWN patterns; hunts […]
Secrets Management
Every application has secrets — database passwords, API keys, TLS certs, encryption keys, third-party tokens. Where you store them determines whether a compromise is contained or catastrophic. This module covers secrets-management patterns for modern cloud applications. The problem Secrets historically lived in: environment variables, config files, source code, shared spreadsheets, Slack messages, CI/CD logs. Each […]
File Upload Vulnerabilities
File upload features are everywhere — profile pictures, document uploads, attachments, imports. They’re also one of the most frequently-exploited vulnerability classes, capable of escalating from “user” to “RCE” in one click. This module covers the attack patterns and the layered defences. The attack surface Attacker uploads a file (malicious) Server saves file to disk Server […]
Cross-Site Request Forgery Deep Dive
Cross-Site Request Forgery (CSRF) tricks a user’s browser into submitting authenticated actions to a trusted site. Once ubiquitous, modern browsers and frameworks have made the baseline defence far stronger. But CSRF still appears — especially in legacy APIs and apps that mishandle authentication state. The core attack User is logged into bank.com (browser holds session […]
VPN Fundamentals — IPsec, OpenVPN, WireGuard and the Math That Makes Them Work
A VPN tunnels Layer 3 (or Layer 2) traffic over an untrusted network, with confidentiality, integrity, and authentication. The three protocols you need to know are IPsec (the enterprise default), OpenVPN (the legacy SSL VPN), and WireGuard (the modern lightweight default). This m
Firewall and ACL Design — Stateless, Stateful, NGFW, and the Rules That Survive 5 Years
A firewall is just a structured list of "allow / deny" rules applied to traffic. Stateless ACLs filter packet by packet; stateful firewalls track connections; NGFWs add Layer 7 inspection. The trick to firewall design is not picking the product — it is designing rules that are ex
Practitioners who've
shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.