Microsoft Cloud Attack and Defense Bootcamp

Microsoft Cloud is much more than just Azure!

This comprehensive 4-week bootcamp and its structured learning path provide students with foundational concepts, essential security tools and techniques, and instruction in attacking and defending Azure and Microsoft 365 environments.

Upon successfully completing the Microsoft Cloud Attack and Defense bootcamp and its associated learning path, you'll be prepared to demonstrate your skills in the exam lab. This fully hands-on, unproctored exam challenges you to apply your newfound expertise to complete an exploitation chain and get the flag.

The exam environment is dynamic, with the flag and scenario changing periodically to ensure the credibility of the Microsoft Cloud Red Team Professional (MCRTP) certification when applying for Azure security roles.

Prerequisites and key learning outcomes

You should know your way around the Windows or Linux command line! Familiarity with Azure is helpful but not required.

Students who successfully complete the 4-week bootcamp and structured learning path, and subsequently pass the exam to earn the Microsoft Cloud Red Team Professional (MCRTP) certification, have demonstrated proficiency in the following areas:

Understanding key Azure, Entra ID and Microsoft Graph concepts
Leveraging Azure resources to gain initial access and move laterally
Using modern phishing frameworks to gain initial access
Performing token abuse for lateral movement
Hands-on purple teaming in Azure
Increasing resource access through Office/Microsoft 365
Exploiting Conditional Access Policy / MFA enablement gaps
Attacking and defending Azure App Services
Creating Azure and Microsoft 365 tenant security reports
Detecting threats with Microsoft Sentinel
Lateral Movement from Azure to on-premises AD, and back!

Azure & M365 security learning path

In addition to the live, instructor-led bootcamp, students get access to a fully structured learning path covering penetration testing in Azure and Microsoft 365. This includes access to selected premium Azure security labs.

If you aspire to become a penetration tester, red team operator or cloud security professional focused on Azure and M365, this learning path has been created for you!

Lifetime access to the bootcamp recordings and custom content, and 45 days lab access. Lab access can be extended for $20 per month with a Pwned Labs Pro subscription.
Complete the bootcamp and learning path to prepare for the Microsoft Cloud Red Team Professional (MCRTP) certification. More information on the bootcamp, learning path and MCRTP exam can be found on the FAQs page.

Focus on trending techniques and tradecraft

The Microsoft Cloud Attack and Defense bootcamp showcases trending techniques and tradecraft used by real threat actors, including Storm-0558 and APT-29. The realistic labs simulate actual company environments and active users across Azure and Microsoft 365, that you are likely to come across during engagements or in your own organization.

Identify, replicate and detect tradecraft from recent cloud breaches
Explore various methods to complete the same tasks and become tool-agnostic
Learn how to evict threats and rotate/reset various forms of credentials

Get to know your trainer

Ian Austin is a security researcher and educator with a career spanning over 20 years in technical, security and leadership roles for global enterprises.

Ian was Head of Content at Hack The Box, a leading online platform for cybersecurity training and assessment. He also participated in the Green Team of Locked Shields, a NATO cyber defense exercise, contributing to the design and execution of realistic scenarios.

He is the founder of Pwned Labs, providing gamified and immersive cloud security labs for red and blue teams - https://pwnedlabs.io

Sessions schedule (February 2025 Batch)

This live bootcamp is delivered quarterly. The February batch of the Microsoft Cloud Attack and Defense Bootcamp runs for 4 weeks, starting February 1st through to February 22nd. The 4-hour, instructor-led live classes will take place using Zoom, and in private chat channels available in the Pwned Labs Discord. You'll receive an email after purchase with all the information you need to participate, including a breakdown of each session.

Can't make a session? We've got you! A Zoom recording will be available to watch and catch up a couple of hours after the end of each session.

Live session 1: Saturday, February 1 @ 5pm-9pm UTC
Live session 2: Saturday, February 8 @ 5pm-9pm UTC
Live session 3: Saturday, February 15 @ 5pm-9pm UTC
Live session 4: Saturday, February 22 @ 5pm-9pm UTC

Microsoft Cloud is much more than just Azure!

This comprehensive 4-week bootcamp and its structured learning path provide students with foundational concepts, essential security tools and techniques, and instruction in attacking and defending Azure and Microsoft 365 environments.

Upon successfully completing the Microsoft Cloud Attack and Defense bootcamp and its associated learning path, you'll be prepared to demonstrate your skills in the exam lab. This fully hands-on, unproctored exam challenges you to apply your newfound expertise in the hunt for flags.

The exam environment is dynamic, with flags and scenarios changing periodically to ensure the credibility of the Microsoft Cloud Red Team Professional (MCRTP) certification when applying for Azure security roles.

Prerequisites and key learning outcomes

You should know your way around the Windows or Linux command line! Familiarity with Azure is helpful but not required.

Students who successfully complete the 4-week bootcamp and structured learning path, and subsequently pass the exam to earn the Microsoft Cloud Red Team Professional (MCRTP) certification, have demonstrated proficiency in the following areas:

Understanding key Azure, Entra ID and Microsoft Graph concepts
Leveraging Azure resources to gain initial access and move laterally
Using modern phishing frameworks to gain initial access
Performing token abuse for lateral movement
Hands-on purple teaming in Azure
Increasing resource access through Office/Microsoft 365
Exploiting Conditional Access Policy / MFA enablement gaps
Attacking and defending Azure App Services
Creating Azure and Microsoft 365 tenant security reports
Detecting threats with Microsoft Sentinel
Lateral Movement from Azure to on-premises AD, and back!

Azure & M365 security learning path

In addition to the live, instructor-led bootcamp, students get access to a fully structured learning path covering penetration testing in Azure and Microsoft 365. This includes access to selected premium Azure security labs, as well as custom content created specifically for the learning pathway.

If you aspire to become a penetration tester, red team operator or cloud security professional focused on Azure and M365, this learning path has been created for you.

Lifetime access to the bootcamp recordings and learning path content, including future content updates
Complete the learning path to prepare for the Microsoft Cloud Red Team Professional (MCRTP) certification

Focus on trending techniques and tradecraft

The Microsoft Cloud Attack and Defense bootcamp showcases trending techniques and tradecraft used by real threat actors, including Storm-0558 and APT-29. The realistic labs simulate actual company environments and active users across Azure and Microsoft 365, that you are likely to come across during engagements or in your own organization.

Identify, replicate and detect tradecrafts from recent cloud breaches
Explore various methods to complete the same tasks and become tool-agnostic
Learn how to evict threats and rotate/reset various forms of credentials

Get to know your trainer

Ian Austin is a security researcher and educator with a career spanning over 20 years in technical, security and leadership roles for global enterprises.

Ian was Head of Content at Hack The Box, a leading online platform for cybersecurity training and assessment. He also participated in the Green Team of Locked Shields, a NATO cyber defense exercise, contributing to the design and execution of realistic scenarios.

He is the founder of Pwned Labs, providing gamified and immersive cloud security labs for red and blue teams - https://pwnedlabs.io

Get to know your trainer

Ian Austin is a security researcher and educator with a career spanning over 20 years in technical, security and leadership roles for global enterprises.

Ian was Head of Content at Hack The Box, a leading online platform for cybersecurity training and assessment. He also participated in the Green Team of Locked Shields, a NATO cyber defense exercise, contributing to the design and execution of realistic scenarios.

He is the founder of Pwned Labs, providing gamified and immersive cloud security labs for red and blue teams - https://pwnedlabs.io

Sessions schedule (November 2024 Batch)

This live bootcamp is delivered quarterly. The February 2025 batch of the Microsoft Cloud Attack and Defense Bootcamp runs for 4 weeks, starting February 1st through to February 22nd. The 4-hour, instructor-led live classes will take place using Zoom, and in a private chat channel available in the Pwned Labs Discord. You'll receive an email after purchase with all the information you need to participate, including a breakdown of each session.

Can't make a session? We've got you! A Zoom recording will be available to watch and catch up a couple of hours after the end of each session.

Live session 1: Saturday, February 1 @ 5pm-9pm UTC
Live session 2: Saturday, February 8 @ 5pm-9pm UTC
Live session 3: Saturday, February 15 @ 5pm-9pm UTC
Live session 4: Saturday, February 22 @ 5pm-9pm UTC

Great bootcamp with a holistic approach to Microsoft Cloud Abuses and Defenses at a great price. I had fun and I was eager for each session to start.

Thank you for putting together such excellent material, and making the price point accessible for a lot of people and the scholarships given. I'm really excited to see how far PwnedLabs go.

I really enjoyed being part of the Pwned Labs Discord community during the bootcamp. Engaging with other students, bouncing ideas off each other, and learning together in that environment enriched the experience.

Overall, I found the bootcamp to be excellent.
The content was comprehensive, and the practical exercises were very valuable. I appreciate the effort put into making it engaging and informative.🫡🫡

Before completing the Microsoft Cloud Attack and Defense Bootcamp, I had no experience or knowledge of cloud penetration testing. This boot camp provided the foundational understanding I needed, covering everything from the unique challenges cloud environments pose to the specific tools and techniques used for cloud security assessments. It equipped me with the skills to approach cloud penetration tests more confidently, something that was unfamiliar territory before. The practical, hands-on learning was particularly valuable in helping me understand the nuances of attacking and defending Microsoft Cloud infrastructures.

Hopefully this bootcamp is happening again, because
I really want to recommend it to some friends. I would also like to thank Ian, he's a very skilled and humble professional. He really cares that no one is left behind and that really means something.

Keep up this awesome work Ian and the team - you guys are doing a great job and helping people to gain a foothold (yikes) into cloud security.

I really appreciated the hands-on, immersive nature of the bootcamp. The realistic lab environments simulating actual company Azure and Microsoft 365 environments with active users were invaluable for learning. Being able to identify and replicate real-world techniques used by threat actors like Storm-0558 and APT-29 was extremely useful training. The structured learning path with access to premium Azure security labs and custom content was also a big plus.

I think the best part was the community aspect of it. Everybody learning together and helping each other in the discord channel. Learned a lot by asking and giving some help to others!

What I liked most about the bootcamp was the hands-on approach. It wasn't just theoretical; I got to apply what I learned in real-world scenarios, especially in Azure environments. This practical experience really helped solidify my understanding of cloud security concepts and strategies.

I really appreciated the balance between theory and practice. The hands-on labs were particularly helpful in solidifying my understanding of Azure security vulnerabilities and exploitation techniques

Microsoft Cloud Attack and Defense Bootcamp

Microsoft Cloud Attack and Defense Bootcamp Overview

Microsoft Cloud is much more than just Azure!

This comprehensive 4-week bootcamp and its structured learning path provide students with foundational concepts, essential security tools and techniques, and instruction in attacking and defending Azure and Microsoft 365 environments.

The exam environment is dynamic, with the flag and scenario changing periodically to ensure the credibility of the Microsoft Cloud Red Team Professional (MCRTP) certification when applying for Azure security roles.

Prerequisites and key learning outcomes

Azure & M365 security learning path

In addition to the live, instructor-led bootcamp, students get access to a fully structured learning path covering penetration testing in Azure and Microsoft 365. This includes access to selected premium Azure security labs.

If you aspire to become a penetration tester, red team operator or cloud security professional focused on Azure and M365, this learning path has been created for you!

Focus on trending techniques and tradecraft

Get to know your trainer

Sessions schedule (February 2025 Batch)

Can't make a session? We've got you! A Zoom recording will be available to watch and catch up a couple of hours after the end of each session.

Microsoft Cloud Attack and Defense Bootcamp

Microsoft Cloud Attack and Defense Bootcamp Overview

Microsoft Cloud is much more than just Azure!

This comprehensive 4-week bootcamp and its structured learning path provide students with foundational concepts, essential security tools and techniques, and instruction in attacking and defending Azure and Microsoft 365 environments.

Upon successfully completing the Microsoft Cloud Attack and Defense bootcamp and its associated learning path, you'll be prepared to demonstrate your skills in the exam lab. This fully hands-on, unproctored exam challenges you to apply your newfound expertise in the hunt for flags.

The exam environment is dynamic, with flags and scenarios changing periodically to ensure the credibility of the Microsoft Cloud Red Team Professional (MCRTP) certification when applying for Azure security roles.

Prerequisites and key learning outcomes

Azure & M365 security learning path

In addition to the live, instructor-led bootcamp, students get access to a fully structured learning path covering penetration testing in Azure and Microsoft 365. This includes access to selected premium Azure security labs, as well as custom content created specifically for the learning pathway.

If you aspire to become a penetration tester, red team operator or cloud security professional focused on Azure and M365, this learning path has been created for you.

Focus on trending techniques and tradecraft

Get to know your trainer

Get to know your trainer

Sessions schedule (November 2024 Batch)

Can't make a session? We've got you! A Zoom recording will be available to watch and catch up a couple of hours after the end of each session.

Great bootcamp with a holistic approach to Microsoft Cloud Abuses and Defenses at a great price. I had fun and I was eager for each session to start.

Thank you for putting together such excellent material, and making the price point accessible for a lot of people and the scholarships given. I'm really excited to see how far PwnedLabs go.

I really enjoyed being part of the Pwned Labs Discord community during the bootcamp. Engaging with other students, bouncing ideas off each other, and learning together in that environment enriched the experience.

Overall, I found the bootcamp to be excellent. The content was comprehensive, and the practical exercises were very valuable. I appreciate the effort put into making it engaging and informative.🫡🫡

Hopefully this bootcamp is happening again, becauseI really want to recommend it to some friends. I would also like to thank Ian, he's a very skilled and humble professional. He really cares that no one is left behind and that really means something.

Keep up this awesome work Ian and the team - you guys are doing a great job and helping people to gain a foothold (yikes) into cloud security.

I think the best part was the community aspect of it. Everybody learning together and helping each other in the discord channel. Learned a lot by asking and giving some help to others!

What I liked most about the bootcamp was the hands-on approach. It wasn't just theoretical; I got to apply what I learned in real-world scenarios, especially in Azure environments. This practical experience really helped solidify my understanding of cloud security concepts and strategies.

I really appreciated the balance between theory and practice. The hands-on labs were particularly helpful in solidifying my understanding of Azure security vulnerabilities and exploitation techniques

Purchase options

Each bootcamp purchase includes two attempts for the MCRTP exam. Additional MCRPT exam re-attempts can also be bought individually. Please note that a bootcamp purchase is required to be able to attempt the exam.

Select an option to securely checkout.

If you're interested in a bulk purchase, please let us know your requirements using the form below.

Contact Us

Quick links

Quick links

Overall, I found the bootcamp to be excellent.
The content was comprehensive, and the practical exercises were very valuable. I appreciate the effort put into making it engaging and informative.🫡🫡

Hopefully this bootcamp is happening again, because
I really want to recommend it to some friends. I would also like to thank Ian, he's a very skilled and humble professional. He really cares that no one is left behind and that really means something.