An Amazon Cloud Red Team Professional (ACRTP) Review
Why I chose it
This summer I’ve been poking around the cybersec communities for cloud security certifications with some actual hands-on knowledge that I could spend my learning budget on. I’ve heard frequent mentions of thepwnedlabs.io platform and their courses. I decided to go with their ACRTP course for starters, since I had a sizeable background in AWS from years of cloud engagements, but never had a chance to get properly certified to do it. Overall I had a great time.
To this day here aren’t a lot of user reviews available on the web, so I decided to give a shoutout to the guys myself :)
Price
The whole ACRTP pack (exam+bootcamp) costs $400 and includes both exclusive content, exam, as well as ~1 month (I believe?) premium access to the main platform, pwnedlabs.io, required for you to access some of the learning materials available there.
About the course
ACRTP is a 1 month bootcamp done on a quarterly basis. You have to sign up in advance. This was a first bootcamp experience for me, and, while it went along great overall, there were some aspects on my part that I did not account for.
The bootcamp consists of four 4-5 hour live sessions with a mentor done on Saturdays, as well as a set of learning materials (labs & theory) from the pwnedlabs.io — weekly assignments you get to complete on your own in-between the sessions.
The live sessions themselves have their own unique content (presentation slides & labs done live with the mentor) that build on top of the learning materials you’ve got as a home assignment. Thankfully, these sessions are all recorded and you have permanent access to them once you complete the course.
Safe to say, the course is pretty packed with content. To sum up, you get:
- Temporary access to the main
pwnedlabs.ioplatform and sets of labs you have to complete on your own each week. - Slides with bootcamp-exclusive content from live sessions.
- Live session recordings.
- Live sessions-exclusive labs that you can complete even after the end of the sessions.
Course pacing
Honestly, I did not expect this course to take that much time at all. I am new to the format of live trainings, and, honestly, thought I could short-cut the course a bit, since I knew about AWS a lot. I certainly did not envision myself spending good 4+ hours weekly on the self-paced learning paths and ~3-5 hours on Saturday tuning into the live session Zoom calls.
The weekly assignments are packed with a lot of content and this is great. They give you a good understanding of the upcoming topic of the next training session even if you have no background in the tech at all.
Live training sessions, honestly, were, at the time, a bit too much for me and my 9-to-5 job :D With my added fatigue from the work, fried attention span, and the amount of content on display, I decided to watch the offline recordings of the lessons on 2x speed instead — the pacing slows down considerably towards the end of the sessions, as everyone understandably gets tired.
You can take my route If you are not prepared to dedicate ~20 hours of your weekend time over the span of 1 month to Zoom calls, but you’ll definitely miss out on the interaction with a really awesome tutor, Tyler, in case you do.
Overall, I spent ~25 hours on the course in June alone, so this should definitely be treated as a great commitment on your end before you sign up.
But again, theoretically, you could finish everything up on your own, even after the official end date of the bootcamp, so it’s not that bad, especially, since you have all of the materials AND the Discord community.
People
The biggest plus for me was the pwnedlabs community. While not as big as OffSec of HTB, their Discord server still has a lot of people you can message to get help in case you get stuck on something. Often, questions you’d like to ask were already answered in the chat history. There is no added layer of formality too, you can often DM the pwnedlabs staff directly to get help.
Requirements
Obviously, ACRTP is not a super advanced course, and it is aimed (at least from my perspective) at junior-middle seniority staff.
Apart from $400, you’d better get familiar with how AWS operates in general, though you will also be taught some parts of it during the initial live session.
Theory
ACRTP has a solid foundation both for attacking and defending a cloud. First 2-3 live sessions will primarily focus on attacking and enumerating the cloud, while the last 1-2 on defending the resources and identifying the threats.
I am not too qualified to speak on the defense part, so let’s talk offensive. We were taught to:
- Find and enumerate public cloud resources
- Find common entrypoints into the cloud (e.g. from a web app or a code repository)
- Enumerate cloud credentials, resources and search for privilege escalation vectors
- Perform actual privilege escalations in the cloud
- Chain everything together to move vertically and laterally within a given AWS infrastructure
As a bonus, you will even get some tips and tricks that are, I cannot stress this enough, not widely known as of July 2025. You will need to pay your attention to the learning materials if you wish to pass the exam — based on my very own hard time with it D:
Labs
The materials seem pretty up-to-date with what’s currently happening in the cloud security scene. You will get familiar with wide range of tools and techniques.
All of the labs are pre-setup with everything and you’re often given a set of AWS credentials as a starting point. You only really need to download AWS CLI and some of the tools listed in the curriculum to be set for the bootcamp.
Exam
The exam was a pleasant surprise. You will be given an adversary simulation scenario where you’d need to hack the target AWS account — a pretty simple premise if you read your course materials and do not try to shortcut the course.
Overall experience
I’d definitely recommend this course to anyone starting out in the cloud security or trying to fill in the missing gaps in the knowledge (my case). The amount of content for the price is simply incredible. I am incredibly relieved that we gradually move away from a mediocre content priced like a used 2010 hatchback (looking at you, SANS and OffSec).
If you ask me this course is way way way better than any shitass run-of-the-mill “AWS Certified Security” course with multiple choice questions at the end.