AWS is the current market leader in public cloud!
This on-demand bootcamp and structured learning path teaches practical techniques for attacking and defending AWS environments. You will work through identity-driven attack paths across AWS and CI/CD using techniques observed in active intrusions.
After completing the bootcamp and associated learning path, you will validate your skills in a fully hands-on, unproctored exam that requires completing an end-to-end exploitation chain.
The exam environment is dynamic, with scenarios changing regularly to reflect real-world AWS intrusions and ensure certification credibility.
Prerequisites and key learning outcomes
You should be comfortable using the Windows or Linux command line. Prior AWS experience is helpful but not required.
After completing the bootcamp and passing the exam, you will demonstrate proficiency in:
- Understand core AWS services and identity concepts
- Simulate compromise of developer and cloud workloads
- Perform AWS security audits and remediate misconfigurations
- Leverage AWS services for initial access and lateral movement
- Use phishing techniques for initial access
- Abuse compromised credentials for privilege escalation
- Abuse Amazon Bedrock and integrated data stores
- Execute hands-on purple team attack and defense scenarios
- Exploit misconfigured IAM roles and trust relationships
- Detect threats using GuardDuty, CloudTrail, Athena, and Splunk
- Attack and defend a broad range of AWS IaaS and PaaS services, including EC2, Lambda, IAM, CI/CD, storage, and application services
What you get
You get ongoing access to the full AWS security curriculum, organized into four pillars that align to the four sessions. Each pillar includes its own learning path so you can hit the ground running before the session starts.
- Lifetime access to the latest session recordings, updated slides and command guides, bootcamp labs, and all future course updates
- 45 days of Academy lab access for the learning paths tied to each session, extendable with subscription
- Direct preparation for the PLACRTP certification exam
- More information on the bootcamp, learning paths, and the PLACRTP exam is available here
Focus on trending techniques and tradecraft
The Pwned Labs Amazon Cloud Attack & Defense Bootcamp – Professional Edition covers attacker tradecraft observed in real AWS cloud breaches, including activity attributed to groups such as AMBERSQUID and SCARLETEEL. Labs simulate realistic enterprise environments with active users and services.
You will learn how to:
- Identify and replicate tradecraft from recent cloud incidents
- Execute attacks using multiple approaches and tools
- Evict attackers and rotate credentials across AWS services
Tyler Petty brings over a decade of cybersecurity experience across technical and leadership roles and works as a cloud security engineer.
Driven by a passion for helping others, he has created hands-on labs in cloud security and DevSecOps, along with a course on using Infrastructure as Code to build secure infrastructure on AWS.
He is actively involved in the cloud security community, contributing hands-on educational content and open-source resources focused on AWS security, DevSecOps, and real-world defensive and offensive techniques.
Ian Austin is a security researcher and educator with a career spanning over 20 years in technical, security and leadership roles for global enterprises.
Ian was Head of Content at Hack The Box, a leading online platform for cybersecurity training and assessment. He also participated in the Green Team of Locked Shields, a NATO cyber defense exercise, contributing to the design and execution of realistic scenarios.
He is the founder of Pwned Labs, providing gamified and immersive cloud security labs for red and blue teams.
How it works
Start immediately with on-demand access. Work through the learning path and labs at your own pace. Your purchase includes 45 days of lab access (extendable with subscription) and two ACRTP exam attempts. Support is available via Discord.
