Skip to content

Pwned Labs Microsoft Cloud Attack & Defense Bootcamp - Professional Edition

Hands-on Microsoft Cloud attack and defense training focused on real-world attack paths across Azure and Microsoft 365.

Ideal for: Penetration testers, security consultants, cloud red teamers, purple teamers, cloud security engineers validating Azure controls, and practitioners aspiring to these roles.


Designed for modern identity-driven Microsoft Cloud environments


Already registered? Access here

 

Looking for Expert Edition? View MCRTE

Pwned Labs Microsoft Cloud Attack & Defense Bootcamp - Professional Edition Overview

MCRTP_

Microsoft Cloud is much more than just Azure!

This 4-week professional bootcamp teaches how real attackers compromise Microsoft cloud environments and how defenders detect and respond. You will work through identity-driven attack paths across Entra ID, Azure, and Microsoft 365 using techniques observed in active intrusions.

On completion, you will be ready to attempt the Pwned Labs Microsoft Cloud Red Team Professional (MCRTP) certification through a fully hands-on, unproctored exam that validates practical tradecraft rather than theory.

The bootcamp is also available in an on-demand format.

microsoft_cloud

Prerequisites and key learning outcomes

This bootcamp assumes basic command-line familiarity. Prior Azure experience is helpful but not required.

  • Understand core Azure, Entra ID, and Microsoft Graph concepts
  • Gain initial access and move laterally using identity-driven attack paths
  • Abuse tokens, applications, and cloud permissions
  • Simulate real-world attacks using purple team techniques
  • Identify and exploit Conditional Access and MFA gaps
  • Detect attacker activity using Microsoft Sentinel
  • Perform lateral movement between Azure and on-prem environments
  • Attack and defend a broad range of SaaS, IaaS, and PaaS cloud services, including Azure App Services, VMs, Storage, and more
Group 39943

What you get

You get ongoing access to the full Azure and Microsoft 365 security curriculum, organized into four pillars that align to the four sessions. Each pillar includes its own learning path so you can hit the ground running before the session starts.

  • Lifetime access to the latest bootcamp session recordings for each pillar
  • Lifetime access to updated slides, command guides, and materials
  • 45 days of Academy lab access for the learning paths tied to each session, extendable with subscription
  • Direct preparation for the MCRTP certification exam
  • More information on the bootcamp, learning paths, and the MCRTP exam is available here
tatradecraft-1

Focus on trending techniques and tradecraft

The Pwned Labs Microsoft Cloud Attack & Defense Bootcamp – Professional Edition covers attacker tradecraft observed in real Microsoft cloud breaches, including activity attributed to groups such as Storm-0558 and APT-29. Labs simulate realistic enterprise environments with active users and services.

You will learn how to:

  • Reproduce tradecraft from recent cloud incidents
  • Execute attacks using multiple tooling approaches
  • Evict attackers and rotate compromised credentials

Meet the team

Every live session is delivered by an instructor, with ongoing support provided via Discord.

Filip-3

Filip Jodoin has over half a decade of experience across both red and blue cybersecurity roles, with a strong focus on cloud adversary emulation and modern Microsoft Cloud attack techniques.

Prior to focusing on offensive security, Filip worked in Azure architecture roles at Ubisoft, where he addressed complex Microsoft Cloud security challenges at enterprise scale.

Filip focuses on designing and executing realistic attack simulations across Azure, Entra ID, and Microsoft 365 to evaluate detection coverage and defensive readiness.

Ian_Austin

Ian Austin is a security researcher and educator with a career spanning over 20 years in technical, security and leadership roles for global enterprises.

Ian was Head of Content at Hack The Box, a leading online platform for cybersecurity training and assessment. He also participated in the Green Team of Locked Shields, a NATO cyber defense exercise, contributing to the design and execution of realistic scenarios.

He is the founder of Pwned Labs, providing gamified and immersive cloud security labs for red and blue teams.

image 52 (1)

Sessions schedule (February 2026 Batch)

This live bootcamp runs quarterly over four weeks. Sessions are delivered live via Zoom, with recordings available after each session.

 

  • Live session 1: Saturday, February 7 @ 5pm-9pm UTC
  • Live session 2: Saturday, February 14 @ 5pm-9pm UTC
  • Live session 3: Saturday, February 21 @ 5pm-9pm UTC
  • Live session 4: Saturday, February 28 @ 5pm-9pm UTC


Prefer to start immediately? Contact hi@pwnedlabs.io for on-demand access.

 

What previous participants say

Before completing the Microsoft Cloud Attack and Defense Bootcamp, I had no experience or knowledge of cloud penetration testing. This boot camp provided the foundational understanding I needed, covering everything from the unique challenges cloud environments pose to the specific tools and techniques used for cloud security assessments. It equipped me with the skills to approach cloud penetration tests more confidently, something that was unfamiliar territory before. The practical, hands-on learning was particularly valuable in helping me understand the nuances of attacking and defending Microsoft Cloud infrastructures.

I really appreciated the hands-on, immersive nature of the bootcamp. The realistic lab environments simulating actual company Azure and Microsoft 365 environments with active users were invaluable for learning. Being able to identify and replicate real-world techniques used by threat actors like Storm-0558 and APT-29 was extremely useful training. The structured learning path with access to premium Azure security labs and custom content was also a big plus.

I think the best part was the community aspect of it. Everybody learning together and helping each other in the discord channel. Learned a lot by asking and giving some help to others!

What I liked most about the bootcamp was the hands-on approach. It wasn't just theoretical; I got to apply what I learned in real-world scenarios, especially in Azure environments. This practical experience really helped solidify my understanding of cloud security concepts and strategies.

I really appreciated the balance between theory and practice. The hands-on labs were particularly helpful in solidifying my understanding of Azure security vulnerabilities and exploitation techniques

 


Purchase options


Each bootcamp purchase includes two attempts at the MCRTP certification exam. Additional re-attempts can be purchased separately.

Bootcamp registration is required to attempt the exam.

Bulk and team purchases are available.

mcrtp_pricing
exam_reattempt-2

Ask your employer to fund MCRTP


Need employer funding approval? Use our ready-made employer funding request to outline the value of the Pwned Labs Microsoft Cloud Attack & Defense Bootcamp - Professional Edition and the MCRTP certification.

Prefer to self-fund? You can enroll immediately.

 

Got any Questions? Get in touch