EpochZero Learn
EpochZero LearnMulti-Domain Tech Learning Hub
Courses
LeaderboardAbout
Dashboard
EpochZero
EpochZero Learn
Multi-Domain Tech Learning Hub

Structured learning for Reverse Engineering, Cloud Security, Cryptography, and Web Development. Articles, videos, tests, and peer discussion.

Learn

  • Learning Path
  • All Articles
  • Video Lessons
  • Podcast
  • eBooks & PDFs
  • Question Banks
  • Cheatsheets
  • MCQ Banks

Tests & Forum

  • All Tests
  • REMA Tests
  • Cloud Tests
  • Forum
  • REMA Forum
  • Cloud Forum
  • Crypto Forum
  • Web Dev Forum

Campus

  • REMA Club
  • Full Stack Dev Club
  • Extension Activity
  • Events
  • CTF Competitions
  • Workshops
  • Industrial Visits

Platform

  • Dashboard
  • Leaderboard
  • About
  • Verify Certificate

© 2026 EpochZero Learn. Educational content for learning purposes.

Course Instructor: Ashish Revar

Lab notebook

Articles & writeups

In-depth analyses of malware samples, technique deep-dives, and lab notes from the field. Long-form, technical, no fluff.

All articlesAnalyst PracticeEducationMalware Deliverycloud-securitymalware-analysisresearch-methodology

54 articles in "cloud-security" — page 6 of 6

cloud-security

Cloud Security Control Layers & CSA Cloud Controls Matrix

How cloud security controls are layered across preventive, detective, and corrective tiers — and a complete walkthrough of the 17 domains of the CSA Cloud Controls Matrix v4.

3 July 202612 min
Read →
cloud-security

Cloud Architecture, Virtualization & Containers

Regions, availability zones, control planes, defence in depth, Zero Trust, Type-1 and Type-2 hypervisors, hardware-assisted virtualization, and why containers are not VMs — the architectural layer that cloud security sits on top of.

3 July 202614 min
Read →
cloud-security

Cloud Computing Fundamentals & Service Models

From the NIST five essential characteristics to IaaS, PaaS, SaaS and beyond — the building blocks every cloud security practitioner must understand before touching a single control.

3 July 202612 min
Read →
cloud-security

Threat Modelling with STRIDE & MITRE ATT&CK for Cloud

How to apply the STRIDE threat model to cloud workloads, and how the MITRE ATT&CK for Cloud matrix maps attacker techniques to cloud-native detection opportunities.

3 July 202613 min
Read →
cloud-security

Man-in-the-Cloud Attacks & Privacy Issues in Cloud

How sync tokens from Dropbox, OneDrive, and Google Drive are hijacked without ever touching a password — and the privacy, jurisdiction, and data isolation challenges that define cloud forensics and compliance.

3 July 202613 min
Read →
cloud-security

Service Hijacking, Denial of Service & Economic DoS in the Cloud

How attackers steal cloud service access through credential exposure, weaponise cloud elasticity for Economic Denial of Sustainability attacks, and how defenders shut both down.

3 July 202611 min
Read →
cloud-security

Cloud Threat Landscape & Session Hijacking via SSRF

The CSA Top 10 cloud threats, the SSRF-to-IMDS credential theft chain, and the critical difference between IMDSv1 and IMDSv2 — the attack patterns that dominate modern cloud breaches.

3 July 202613 min
Read →
cloud-security

Cloud Service Providers & the Indian Context

Comparing AWS, Azure, and GCP across compute, storage, and identity primitives — and understanding NIC MeghRaj and Indian data sovereignty requirements that shape every cloud deployment in India.

3 July 202610 min
Read →
cloud-security

Deployment Models & the Shared Responsibility Model

Public, private, community, hybrid — and who is actually responsible for what. The shared responsibility model is the contract that defines cloud security obligations for every workload.

3 July 202611 min
Read →
Prev1...456Next