Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Cloud Security Practitioner · modules
AWS → Azure → GCP → Kubernetes. Real hardening, not checklists.
Module 13 · Cloud SSRF & IMDS — IMDSv2 and Beyond
Why this module exists. Capital One. Capital One. Capital One. Every cloud security training references it because the chain is iconic: external SSRF → IMDS → IAM credentials → S3 dump. Six years later, IMDSv1 is still enabled on enough EC2 fleets to keep the attack practical. And Azure / GCP have their own metadata-service […]
Module 15 · CloudTrail Forensics — Reading the Audit Log
Why this module exists. If you can’t read CloudTrail, you can’t do cloud incident response. CloudTrail is to AWS what Windows Event Logs are to AD: every action by every principal is recorded. Most defenders skim the volume; experienced cloud-IR practitioners write surgical Athena queries that crack open incidents in 20 minutes. What CloudTrail records […]
Module 16 · Cost-Based Denial of Service
Why this module exists. Modern cloud architectures auto-scale. Auto-scaling means an attacker who can drive load can drive your bill — to bankruptcy levels — without taking the service down. The 2020-2024 wave of “DenialOfWallet” attacks demonstrated that autoscaling without circuit breakers is a financial DoS. Indian SaaS, especially YC-funded startups with low cash runway, […]
Module 17 · Multi-Cloud Identity Federation Attack Surface
Why this module exists. Indian enterprises in 2026 are multi-cloud. Workloads on AWS, identity in Entra ID, data lakes in GCP, kubernetes on multiple clouds. Each integration uses identity federation — and each federation is a trust boundary that attackers can pivot across. The bugs that matter are at the seams between clouds, not within […]
Zero Trust Architecture — From VPN to Identity-Aware Access
What Zero Trust actually is, the five CISA pillars, the reference stack for Indian mid-market organisations, and a realistic 12 to 18 month rollout sequence — identity, devices, conditional access, ZTNA, workload identity, data classification.
Module 3 · Infrastructure-as-Code Security
Checkov, Trivy, kube-score. Terraform issue categories, Kubernetes hardening, Dockerfile patterns, Kyverno/OPA policies.
Module 7 · Cloud Incident Response
Cloud incidents move fast. An attacker with a leaked access key can enumerate the account in minutes and begin exfiltration. Response time matters. This module covers a practitioner-grade cloud IR workflow — what to do in the first 30 minutes, 2 hours, and 24 hours after suspecting compromise. The cloud-specific challenges Speed — API-based actions […]
Module 6 · Cross-Account Attacks in AWS
Multi-account AWS (or multi-subscription Azure / multi-project GCP) is the norm. Production in one account, staging in another, security tooling in a third, sometimes dozens of accounts across business units. Each cross-account boundary is a potential attack surface — and when misconfigured, a path from one compromised account to many. Why multi-account Blast-radius limitation — […]
Module 5 · Secrets Management
Every application has secrets — database passwords, API keys, TLS certs, encryption keys, third-party tokens. Where you store them determines whether a compromise is contained or catastrophic. This module covers secrets-management patterns for modern cloud applications. The problem Secrets historically lived in: environment variables, config files, source code, shared spreadsheets, Slack messages, CI/CD logs. Each […]
Module 4 · Kubernetes Attack Surface
Kubernetes is where 2024-2026 cloud security action is happening. Every Indian fintech, every serious SaaS, and most mature enterprises now run workloads on Kubernetes. And Kubernetes, by design, has the most complex security surface of any modern platform. The control plane, the worker nodes, the network fabric, the service mesh, the supply chain, the secrets, […]
Practitioners who've
shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.