Cybersecurity, learned like a practitioner.

24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.

24
Learning paths
398+
Live modules
0
You've completed
Free
Your tier
Browse the academy

Latest modules

Most recent practitioner playbooks across every track. Filter by topic, level, or search in the sidebar.

538 results · Page 33/54
DPDP Compliance Practitioner Advanced Free

DPIA — Data Protection Impact Assessment Under DPDP

Why this module exists. §10(2)(c) requires Significant Data Fiduciaries (SDFs) to conduct DPIAs. The Rules (when published) will likely extend DPIA expectations to high-risk processing by all Data Fiduciaries. Most Indian businesses have never done one. The methodology is more practical than the legal text suggests. What a DPIA is A structured assessment of a […]

Apr 27, 2026 35 min Open
DPDP Compliance Practitioner Intermediate Free

Children’s Data Under DPDP §9

Why this module exists. DPDP §9 is the strictest section of the Act. It prohibits behavioural tracking of children, prohibits targeted advertising to children, and requires verifiable parental consent for processing children’s data. Indian edtech, social media, gaming, and even general e-commerce all touch this section. The penalties for §9 violations are uncapped relative to […]

Apr 27, 2026 25 min Open
DPDP Compliance Practitioner Intermediate Free

DPDP Penalties, Adjudication & Appeals

Why this module exists. “How much can DPDP fines actually be?” The answer depends on the specific violation, the harm caused, and the discretion of the Data Protection Board. The Schedule maps violations to caps; the adjudication process determines the actual amount. Both sides — what gets fined and how — are widely misunderstood. The […]

Apr 27, 2026 25 min Open
DPDP Compliance Practitioner Intermediate Free

DPDP for SaaS — Building DPDP-Compliant Indian SaaS

Why this module exists. Indian SaaS companies are growing 30% YoY and most are scaling faster than their compliance posture. Founders wait until “we hit ₹10 crore ARR” or “we have to sell to a regulated customer” — by which time retrofitting DPDP costs 5x more than building it in. This module is the day-one […]

Apr 27, 2026 35 min Open
DPDP Compliance Practitioner Intermediate Free

DPDP Audit Readiness — DPB Inspection Playbook

Why this module exists. The Data Protection Board has inspection powers under §28. When the DPB shows up — physically or via written information request — you have days, not months, to produce evidence. Most Indian businesses can’t currently. This module is the readiness checklist. What the DPB can ask for Under §28 + civil-court […]

Apr 27, 2026 30 min Open
Cloud Security Practitioner Advanced Free

GCP IAM & Workload Identity Federation

Why this module exists. Every Indian SaaS that adopted GCP after 2022 inherited an IAM model fundamentally different from AWS. The pieces look similar — IAM, service accounts, roles — but the wiring is different and the attack paths are different. If you bring AWS muscle memory to GCP, you’ll either over-permission everything or miss […]

Apr 27, 2026 35 min Open
Cloud Security Practitioner Intermediate Free

AWS Lambda & Serverless Attack Surface

Why this module exists. Serverless is “no server to harden” — and a new attack surface that most security teams don’t review with the same rigour as VMs. Lambda functions, Cloud Functions, Azure Functions all share patterns: event-triggered execution, IAM-defined permissions, ephemeral compute, third-party dependencies. Each is an attack vector. The Lambda attack surface — […]

Apr 27, 2026 30 min Open
Cloud Security Practitioner Advanced Free

Service Mesh Security — Istio, Linkerd, mTLS

Why this module exists. “We added Istio and now we have zero trust.” No, you don’t. Service mesh adds powerful primitives — mTLS, identity-aware authorization — but most installations use ~20% of those primitives. The remaining 80% is where attacks live. What service mesh actually does An Envoy / Linkerd-proxy sidecar intercepts every request entering […]

Apr 27, 2026 30 min Open
Cloud Security Practitioner Intermediate Free

Cloud SSRF & IMDS — IMDSv2 and Beyond

Why this module exists. Capital One. Capital One. Capital One. Every cloud security training references it because the chain is iconic: external SSRF → IMDS → IAM credentials → S3 dump. Six years later, IMDSv1 is still enabled on enough EC2 fleets to keep the attack practical. And Azure / GCP have their own metadata-service […]

Apr 27, 2026 30 min Open
Cloud Security Practitioner Intermediate Free

CloudTrail Forensics — Reading the Audit Log

Why this module exists. If you can’t read CloudTrail, you can’t do cloud incident response. CloudTrail is to AWS what Windows Event Logs are to AD: every action by every principal is recorded. Most defenders skim the volume; experienced cloud-IR practitioners write surgical Athena queries that crack open incidents in 20 minutes. What CloudTrail records […]

Apr 27, 2026 35 min Open
02 / Why learn here

Practitioners who've
shipped the controls.

Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.

Why learn here

01

Practitioner-written.

Each lesson is authored by someone who has shipped the control or run the engagement in production.

02

Quiz after every module.

20+ questions with explanations. 70%+ to mark complete. Unlimited retries.

03

Progress tracked.

Completions, scores and streaks saved automatically. Resume exactly where you left off.

04

India-priced.

Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.

Pick a path, get to work.

Browse all 398 modules View skill map