Skip to content

Pwned Labs Amazon Cloud Attack & Defense Bootcamp - Professional Edition

Hands-on AWS attack and defense training focused on real-world identity and infrastructure attack paths.


Ideal for: Penetration testers, security consultants, cloud red teamers, purple teamers, cloud security engineers validating AWS controls, and practitioners aspiring to these roles.

 

 Designed for modern identity-driven AWS environments


Already registered? Access here

Pwned Labs Amazon Cloud Attack & Defense Bootcamp - Professional Edition Overview

ACRTP_

AWS is the current market leader in public cloud!

This 4-week professional bootcamp teaches modern AWS attack and defense tradecraft used in real-world breaches and cloud security engagements.

You will work through hands-on assume-breach scenarios to compromise, audit, and defend AWS environments across identity, compute, and infrastructure services.

On completion, you will be prepared to demonstrate your skills in the fully hands-on, unproctored exam lab for the Pwned Labs Amazon Cloud Red Team Professional (ACRTP) certification.

The ACRTP bootcamp is suitable for both live cohorts and on-demand study.

 

aws_security

Prerequisites and key learning outcomes

You should be comfortable using the Windows or Linux command line. Prior AWS experience is helpful but not required.

Successful candidates demonstrate proficiency in the following areas:

  • Understand core AWS services and identity concepts
  • Simulate compromise of developer and cloud workloads
  • Perform AWS security audits and remediate misconfigurations
  • Leverage AWS services for initial access and lateral movement
  • Use phishing techniques for initial access
  • Abuse compromised credentials for privilege escalation
  • Abuse Amazon Bedrock and integrated data stores
  • Execute hands-on purple team attack and defense scenarios
  • Exploit misconfigured IAM roles and trust relationships
  • Detect threats using GuardDuty, CloudTrail, Athena, and Splunk
  • Attack and defend a broad range of AWS IaaS and PaaS services, including EC2, Lambda, IAM, CI/CD, storage, and application services
aws_learning_path-1

What you get

You get ongoing access to the full AWS security curriculum, organized into four pillars that align to the four sessions. Each pillar includes its own learning path so you can hit the ground running before the session starts.

  • Lifetime access to the latest bootcamp session recordings for each pillar
  • Lifetime access to updated slides, command guides, and materials
  • 45 days of Academy lab access for the learning paths tied to each session, extendable with subscription
  • Direct preparation for the PLACRTP certification exam
  • More information on the bootcamp, learning paths, and the PLACRTP exam is available here
SCARLETEEL-3

Focus on trending techniques and tradecraft

This bootcamp focuses on modern AWS attack and defense techniques observed in real-world cloud breaches, including tradecraft used by groups such as AMBERSQUID and SCARLETEEL. Labs simulate realistic AWS environments with active users and production-style workloads.

You will learn how to:

  • Identify and replicate tradecraft from recent cloud incidents
  • Execute attacks using multiple approaches and tools
  • Evict attackers and rotate credentials across AWS services

Meet the team

One of your trainers will be live for every weekend session, with full support provided via Discord.

Tyler-Dec-11-2025-09-21-41-1006-PM

Tyler Petty brings over a decade of cybersecurity experience across technical and leadership roles and works as a cloud security engineer.

Driven by a passion for helping others, he has created hands-on labs in cloud security and DevSecOps, along with a course on using Infrastructure as Code to build secure infrastructure on AWS.

He is actively involved in the cloud security community, contributing hands-on educational content and open-source resources focused on AWS security, DevSecOps, and real-world defensive and offensive techniques.

Ian_Austin

Ian Austin is a security researcher and educator with a career spanning over 20 years in technical, security and leadership roles for global enterprises.

Ian was Head of Content at Hack The Box, a leading online platform for cybersecurity training and assessment. He also participated in the Green Team of Locked Shields, a NATO cyber defense exercise, contributing to the design and execution of realistic scenarios.

He is the founder of Pwned Labs, providing gamified and immersive cloud security labs for red and blue teams.

image 52 (1)

Sessions schedule (March 2026 Batch)

This live bootcamp runs for 4 weeks, with weekly 4-hour instructor-led sessions delivered via Zoom. Session recordings are available shortly after each live session.

 

  • Live session 1: Saturday, March 7 @ 5pm-9pm UTC
  • Live session 2: Saturday, March 14 @ 5pm-9pm UTC
  • Live session 3: Saturday, March 21 @ 5pm-9pm UTC
  • Live session 4: Saturday, March 28 @ 5pm-9pm UTC

Prefer to start immediately? Contact hi@pwnedlabs.io for on-demand access.
 


Purchase options


Each bootcamp purchase includes two attempts at the ACRTP exam. Additional re-attempts can be purchased separately.

Bootcamp registration is required to attempt the exam.

Bulk and team purchases are available.

 

 

acrtp_pricing
exam_reattempt-2

Ask your employer to fund ACRTP


Need employer funding approval? Use our ready-made employer funding request to outline the value of the Pwned Labs Amazon Cloud Attack & Defense Bootcamp - Professional Edition and the ACRTP certification.

Prefer to self-fund? You can enroll immediately.

 

Got any Questions? Get in touch