Google Cloud is everywhere!
This on-demand bootcamp and structured learning path teaches practical techniques for attacking and defending GCP and Google Workspace environments.
After completing the bootcamp and associated learning path, you will validate your skills in a fully hands-on, unproctored exam that requires completing an end-to-end exploitation chain.
The exam environment is dynamic, with scenarios changing regularly to reflect real-world Google Cloud intrusions and ensure certification credibility.
Prerequisites and key learning outcomes
You should be comfortable using the Windows or Linux command line. Prior GCP experience is helpful but not required.
After completing the bootcamp and passing the exam, you will demonstrate proficiency in:
- Core GCP and Google Workspace security concepts
- Identity-driven initial access and lateral movement in GCP
- Auditing and exploiting misconfigured IAM permissions
- Attacking and defending Google Workspace environments
- Hands-on purple teaming against realistic attack scenarios
- Investigating incidents using Google Cloud logging and security tools
- Detecting and responding to real-world GCP attack paths
- Attack and defend a broad range of GCP SaaS, IaaS, and PaaS services, including VMs, storage, CI/CD, and application services
What you get
You get ongoing access to the full GCP and Google Workspace security curriculum, organized into four pillars that align to the four sessions. Each pillar includes its own learning path so you can hit the ground running before the session starts.
- Lifetime access to the latest bootcamp session recordings for each pillar
- Lifetime access to updated slides, command guides, and materials
- 45 days of Academy lab access for the learning paths tied to each session, extendable with subscription
- Direct preparation for the GCRTP certification exam
More information on the bootcamp, learning paths, and the GCRTP exam is available here
Focus on trending techniques and tradecraft
The Pwned Labs Google Cloud Attack & Defense Bootcamp – Professional Edition focuses on techniques used by real-world threat actors, including TRIPLESTRENGTH. Labs simulate realistic enterprise environments and active users across GCP and Google Workspace.
You will learn how to:
- Identify and replicate tradecraft from recent cloud breaches
- Execute attacks across identity, workloads, and CI/CD systems
- Evict attackers and rotate or reset compromised credentials
Matt Watkins has over a decade of experience in offensive and defensive security, spanning big tech, startups, and leading vendors, with a specialization in cloud security-particularly GCP.
He brings deep expertise in building and securing operations at scale, combining hands-on technical skills with a talent for breaking down complex topics to help teams understand both the "what" and the "why" behind modern security practices.
He brings an attacker-informed mindset to cloud defense, focusing on practical detection engineering, threat emulation, and real-world security operations in GCP environments.
Ian Austin is a security researcher and educator with a career spanning over 20 years in technical, security and leadership roles for global enterprises.
Ian was Head of Content at Hack The Box, a leading online platform for cybersecurity training and assessment. He also participated in the Green Team of Locked Shields, a NATO cyber defense exercise, contributing to the design and execution of realistic scenarios.
He is the founder of Pwned Labs, providing gamified and immersive cloud security labs for red and blue teams.
How it works
Start immediately with on-demand access. Work through the learning path and labs at your own pace. Your purchase includes 45 days of lab access (extendable with subscription) and two GCRTP exam attempts. Support is available via Discord.
