VEXA-CSE · Intermediate / Advanced

VEXA Certified Cloud Security Engineer

Cloud and Kubernetes security misconfigurations, hands-on.

6 weeks · 24–32 hours totalBest for: Cloud/DevOps engineers, SREs and security practitioners.

Enroll now Download syllabus (PDF)

What you will learn

AWS IAM, networking and storage security fundamentals.
Common misconfigs across S3, EC2, SGs and logging.
Kubernetes RBAC, pod security and node exposure risks.
Designing safer cloud architectures and guardrails.

Syllabus overview

Module 1 · Cloud Security Basics

Shared responsibility and attack surfaces
Lab: open S3 bucket investigation

Module 2 · AWS Misconfigurations

Security Groups, IAM roles and logging gaps
Lab: privilege escalation via misconfig

Module 3 · Kubernetes Security

RBAC, hostPath and privileged containers
Lab: exploiting an over-privileged pod

Module 4 · Defending Cloud Environments

Guardrails, policies and monitoring
Capstone: secure a cloud lab setup

Requirements & assessment

Basic security or IT knowledge recommended.
Laptop with a modern browser and ability to run labs.
Commitment to complete labs, quizzes and a final capstone project.

Certification & digital badge

Complete all mandatory labs and the final assessment to receive your verified VEXA-CSE digital badge, ready to share on LinkedIn and CVs.