Choose Your Specialization
Phase 2 is where your career direction is decided. After completing the 3-month Foundation, you choose one of four elite specialization tracks and spend Months 4–6 going deep.
Months 4–6
SOC Analyst
Become the first line of defence. Master SIEM platforms (Splunk & Sentinel), threat hunting, MITRE ATT&CK mapping, and lead real-time incident response operations.
- ›Splunk & Microsoft Sentinel
- ›Threat Hunting & MITRE ATT&CK
- ›Incident Response Lifecycle
- ›SOC Operations & Playbooks
Months 4–6
Offensive Security (VAPT)
Think like an adversary. Master web app penetration testing, Active Directory attacks, red team operations, and deliver professional-grade VAPT reports.
- ›Web App & API Pentesting
- ›Active Directory Exploitation
- ›Red Team Operations
- ›Bug Bounty Methodology
Months 4–6
Cloud Security
Secure modern cloud infrastructure. Master AWS/Azure security, IAM design, Kubernetes hardening, DevSecOps pipelines, and cloud compliance frameworks.
- ›AWS & Azure Security
- ›IAM & Zero Trust
- ›Container & K8s Security
- ›Infrastructure as Code
Months 4–6
Digital Forensics & IR
Follow the evidence. Master disk and memory forensics, malware analysis, incident reconstruction, and produce court-admissible investigation reports.
- ›Disk & Memory Forensics
- ›Malware Analysis & Triage
- ›Network Forensics (PCAP)
- ›Forensic Report Writing
How to Choose Your Track
Want to protect?
SOC Analyst — monitor, detect, and respond to threats in real enterprise environments.
Want to attack?
VAPT — ethically hack web apps, networks, and corporate AD forests for money.
Love infrastructure?
Cloud Security — own the modern attack surface. AWS, Azure, containers, DevSecOps.
Follow the evidence?
DFIR — investigate breaches, analyze malware, and reconstruct what the attacker did.
Ready to Specialize?
Complete Foundation first, then choose your path.