Lessons
Step-by-step lessons across Reverse Engineering, Malware Analysis, Cloud Security, and more. Each episode pairs with articles, resources, and follow-up MCQ assessments in the 4Q course view.
38 lessons across all domains — page 2 of 4

Masterclass Ep. 8 — Units 4 & 6: The dual-vector investigation framework — combining network-layer evidence (VPC Flow Logs, CloudTrail) with endpoint-layer evidence (memory, disk snapshots) for complete cloud incident reconstruction.

Masterclass Ep. 7 — Unit 6: Tamper-evident logging with S3 Object Lock, automated compliance with AWS Config rules, and the governance pipeline from detection through remediation.

Masterclass Ep. 6 — Unit 6: How data persists, migrates, and leaves forensic traces across cloud storage, sync services, and ephemeral compute — and how investigators reconstruct the full picture from fragments.

Masterclass Ep. 5 — Unit 5: CSA CCM v4, NIST CSF 2.0, and ENISA risk taxonomy mapped to practical cloud security controls — plus CloudTrail, Security Hub, GuardDuty, and SCPs in a real enterprise architecture.

Masterclass Ep. 4 — Unit 4: Building a hardened cloud security architecture — defence-in-depth controls, encryption at every layer, key management, and the Zero Trust controls that constitute a cyber-sentinel posture.

Masterclass Ep. 3 — Unit 3: The full cloud attack kill chain — credential exposure, IAM privilege escalation, SSRF-to-IMDS token theft, lateral movement, and the controls that break each stage.

Masterclass Ep. 2 — Unit 2: The foundational architecture principles underlying every AWS service — compute, storage, networking — traced from physical hardware up through the hypervisor and into the cloud control plane.

Masterclass Ep. 1 — Unit 1: How abstraction layers transform bare-metal servers into the elastic, multi-tenant cloud — and what that means for forensics, incident response, and your security perimeter.

How attackers compromise targets through browsers and documents instead of executables. Drive-by downloads, weaponised PDFs and Office documents, JavaScript de-obfuscation.

How elite malware detects debuggers, identifies VMs, sabotages analysis, and protects embedded data — and how the analyst defeats each defence.

Foundational lecture on what malware is, the three-question triage method, and the x86 fundamentals every analyst needs.

Three landmark cases — Stuxnet, Colonial Pipeline, and REvil/Kaseya — paired with the code-level evasion taxonomy every analyst must know.