Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Cloud Security Practitioner · modules
AWS → Azure → GCP → Kubernetes. Real hardening, not checklists.
Module 19 · Cloud Security Posture Management (CSPM) at Production Scale
What CSPM tools do Connect to cloud accounts via API; continuously enumerate resources and configurations; check against benchmark rules; report findings. Tool Strength Prowler (open-source) AWS-focused; broad CIS coverage ScoutSuite (open-source) Multi-cloud (AWS, Azure, GCP) CloudSploit / Aqua (open-source) Multi-cloud; modern UI Wiz, Orca, Palo Alto Prisma Commercial; agentless scanning + risk graph AWS Security […]
Module 12 · AWS Lambda & Serverless Attack Surface
Why this module exists. Serverless is “no server to harden” — and a new attack surface that most security teams don’t review with the same rigour as VMs. Lambda functions, Cloud Functions, Azure Functions all share patterns: event-triggered execution, IAM-defined permissions, ephemeral compute, third-party dependencies. Each is an attack vector. The Lambda attack surface — […]
Module 13 · Cloud SSRF & IMDS — IMDSv2 and Beyond
Why this module exists. Capital One. Capital One. Capital One. Every cloud security training references it because the chain is iconic: external SSRF → IMDS → IAM credentials → S3 dump. Six years later, IMDSv1 is still enabled on enough EC2 fleets to keep the attack practical. And Azure / GCP have their own metadata-service […]
Module 15 · CloudTrail Forensics — Reading the Audit Log
Why this module exists. If you can’t read CloudTrail, you can’t do cloud incident response. CloudTrail is to AWS what Windows Event Logs are to AD: every action by every principal is recorded. Most defenders skim the volume; experienced cloud-IR practitioners write surgical Athena queries that crack open incidents in 20 minutes. What CloudTrail records […]
Module 16 · Cost-Based Denial of Service
Why this module exists. Modern cloud architectures auto-scale. Auto-scaling means an attacker who can drive load can drive your bill — to bankruptcy levels — without taking the service down. The 2020-2024 wave of “DenialOfWallet” attacks demonstrated that autoscaling without circuit breakers is a financial DoS. Indian SaaS, especially YC-funded startups with low cash runway, […]
Module 3 · Infrastructure-as-Code Security
Checkov, Trivy, kube-score. Terraform issue categories, Kubernetes hardening, Dockerfile patterns, Kyverno/OPA policies.
Module 5 · Secrets Management
Every application has secrets — database passwords, API keys, TLS certs, encryption keys, third-party tokens. Where you store them determines whether a compromise is contained or catastrophic. This module covers secrets-management patterns for modern cloud applications. The problem Secrets historically lived in: environment variables, config files, source code, shared spreadsheets, Slack messages, CI/CD logs. Each […]
Module 3 · S3 Security and Misconfigurations
Amazon S3 is the single cloud service that has caused more publicly-disclosed breaches than any other — by a wide margin. Hundreds of millions of records from financial institutions, healthcare organisations, government agencies, and consumer apps have leaked from misconfigured S3 buckets. Every single incident was preventable with settings available in the AWS console. This […]
Module 2 · AWS IAM Deep Dive
AWS IAM is the single largest source of cloud misconfigurations. It’s also AWS’s most powerful feature. Master it and you can architect least-privilege cleanly; fumble it and you ship the kind of blast radius that makes every new access key a production-impacting event. This module is the concrete IAM practitioner’s guide. You’ve seen the mental […]
Practitioners who've
shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.