Cybersecurity, learned like a practitioner.

24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.

24
Learning paths
398+
Live modules
0
You've completed
Free
Your tier
Browse the academy

Latest modules

Most recent practitioner playbooks across every track. Filter by topic, level, or search in the sidebar.

538 results · Page 31/54
DevSecOps Intermediate Free

Vulnerability Triage at Scale

Why this module. A typical enterprise scan returns 50,000+ CVEs across servers, containers, dependencies. Trying to “fix all critical/high” is mathematically impossible at that scale. Modern triage uses EPSS, KEV, reachability, and asset criticality to focus the 200 fixes that matter. The signals beyond CVSS CVSS — severity in theory. The original signal; loud and […]

Apr 27, 2026 25 min Open
DevSecOps Intermediate Free

Shift-Right Security — Runtime Defence

Why this module. “Shift-left” — find security issues earlier — became dogma. But shift-left has limits: bugs ship anyway, dependencies have CVEs you can’t anticipate, attackers find new exploits. Modern teams add “shift-right” — runtime detection and response — without abandoning shift-left. Where shift-left fails Zero-day exploits — by definition unknowable at build time Configuration […]

Apr 27, 2026 25 min Open
DevSecOps Intermediate Free

DevSecOps Metrics & Maturity

Why this module. Engineering teams measure DORA. Security teams measure CVE backlog. DevSecOps requires a unified metric set — measuring how secure software is delivered, not just secure or how fast. This module is the metrics blueprint. DORA — the engineering baseline Deployment Frequency — how often code reaches production Lead Time for Changes — […]

Apr 27, 2026 20 min Open
DevSecOps Beginner Free

Pre-Commit Hooks for Security

Why this module. The cheapest security check is the one that runs on the developer’s laptop before code ever reaches CI. Pre-commit hooks catch ~60% of mistakes for ~5% of the operational cost of equivalent CI checks. What runs in pre-commit Linting + format — Ruff, Black, ESLint, Prettier. Reduces diff noise. Type checking — […]

Apr 27, 2026 20 min Open
DevSecOps Intermediate Free

Container & Image Scanning

Why this module. Every container starts from a base image with hundreds of packages, most of which the application doesn’t use, all of which could have CVEs. Scanning is mandatory; scanning well is the differentiator. Where to scan Build time — fail PRs that introduce new critical CVEs. Trivy / Grype in CI. Registry — […]

Apr 27, 2026 25 min Open
DevSecOps Beginner Free

Secret Scanning in Code Repos

Why this module. Engineers commit secrets. AWS keys, API tokens, database passwords end up in Git, often in .env.example files that were supposed to have placeholders. Once committed, secrets stay in Git history forever — and within minutes attackers find them via GitHub search. The tool stack git-secrets / detect-secrets / Gitleaks / TruffleHog — […]

Apr 27, 2026 20 min Open
Blue Team / SOC Operations Intermediate Free

DNS-Based Detection Strategy

Why this module exists. Almost every internet attack starts with a DNS query — beaconing to C2, exfiltration via DNS tunneling, phishing-link resolution, malware updating itself. DNS logs are the highest-signal-per-byte log source in your environment, and most SOCs underuse them. What DNS logs reveal Beaconing — same source contacting same destination at fixed intervals […]

Apr 27, 2026 25 min Open
Blue Team / SOC Operations Intermediate Free

SOC Metrics & MTTR Reduction

Why this module exists. “Is our SOC effective?” CISOs need a measurable answer. Common metrics — alert volume, ticket count — measure activity, not effectiveness. The metrics that matter are MTTD (mean time to detect), MTTR (mean time to respond), false-positive rate, and ATT&CK technique coverage. Each has a target; each has specific operational levers. […]

Apr 27, 2026 25 min Open
Blue Team / SOC Operations Advanced Free

Threat Intelligence Operations

Why this module exists. Threat intelligence is one of the most-purchased and least-utilised security investments. Companies subscribe to feeds that nobody reads, vendor reports that nobody actions. Done well, TI shapes detection, prioritisation, and strategy. Done badly, it’s expensive noise. The three altitudes of TI Type Audience Outputs Cadence Strategic Executives, board Threat landscape, risk-driven […]

Apr 27, 2026 30 min Open
Blue Team / SOC Operations Advanced Free

Purple Teaming Methodology

Why this module exists. Red teams find what defenders missed. Blue teams build detections. Purple teams put both in the same room — making a single exercise simultaneously a test, a learning event, and a detection-engineering session. The output: detections that work for the techniques attackers actually use. What purple team isn’t Not “let’s all […]

Apr 27, 2026 30 min Open
02 / Why learn here

Practitioners who've
shipped the controls.

Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.

Why learn here

01

Practitioner-written.

Each lesson is authored by someone who has shipped the control or run the engagement in production.

02

Quiz after every module.

20+ questions with explanations. 70%+ to mark complete. Unlimited retries.

03

Progress tracked.

Completions, scores and streaks saved automatically. Resume exactly where you left off.

04

India-priced.

Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.

Pick a path, get to work.

Browse all 398 modules View skill map