← All hands-on labs
AWS Security LabsAdvanced
CloudTrail forensics
Reconstruct an exfiltration attempt with Athena across CloudTrail logs.
CloudTrailAthena
What you'll do
- Work in a real, isolated AWS environment — nothing to install or set up
- Find and exploit the weakness the way an attacker would
- Apply the fix and verify it like a defender
- Map what you did back to real-world controls and frameworks
More AWS Security Labs
S3 misconfiguration & data exposure
Find and fix public buckets, weak ACLs, and missing encryption in a realistic account.
IAM privilege-escalation paths
Trace and break real IAM escalation chains, then apply least-privilege.
KMS & data-protection controls
Implement envelope encryption and map controls to GDPR / DPDP outcomes.
GuardDuty + Security Hub triage
Triage live findings, correlate alerts, and wire automated remediation.
Ready to launch this lab?
Spin it up in your browser — no setup. Your first lab is free.