API Security, Secrets & Cloud Guardrails
Hands-on technical audit testing — enumerate and exploit API misconfigurations, hunt for exposed secrets, audit IAM policies, test cloud guardrails, scan IaC templates, and validate container security controls.
Certificate Paths
These stages map to Network+, Security+, ISC² CC, and CySA+ exam domains.
This module references the OWASP API Security Top 10 2023. OWASP® is a registered trademark of the OWASP Foundation. Content adapted for educational use under CC BY-SA 4.0. Additional references include NIST SP 800-53/800-161 (public domain U.S. government publications), CIS AWS Foundations Benchmark™ (Center for Internet Security), and CISA Supply Chain Risk Management guidelines (public domain).
Stripe Engineering HQ
The Exposed API
HashiCorp Headquarters
Secrets in the Open
AWS re:Inforce Conference
Guardrails in the Cloud
Okta Headquarters
Who Can Do What
Docker Engineering
The Container Escape
HashiCorp Terraform Cloud
Infrastructure as Code, Insecurity as Default
Snyk Headquarters
Static and Dynamic Analysis
Palo Alto Networks
The Flat Network
Snowflake Headquarters
Data at Rest
Datadog Headquarters
The Silent Breach
Google Cloud Headquarters
Never Trust, Always Verify
AWS Security Hub
Automate the Audit