Pune, India
Montréal, Canada
Global Delivery
Loading... hello@aegiscyb3r.com
Senior-led Cyber Security · Pune · Montréal · Global

Protect.
Govern.
Educate.

Expert cyber security advisory, GRC frameworks and hands-on training — backed by 30+ certifications and two decades of VP-level, mission-critical experience.

🇮🇳Pune, India
🇨🇦Montréal, Canada
🌐Global Delivery
CISSPCISMCRISC CISAPMP® NIST CSFMITRE ATT&CK EC-Council MentorA-CCISO
Explore Courses → Free Content
Expertise at a glance
20+
Years Exp.
30+
Certifications
VP
Leadership
GRC
Gov·Risk·Control
NIST CSFMITRE ATT&CK ISO 27001ISO 31000
🏆 CISSP · CISM · CRISC · CISA
🎓 EC-Council Certified Mentor
🇮🇳 Pune · 🇨🇦 Montréal · 🌐 Global
▶ @AegisCyb3r — Free YouTube Content
📧 hello@aegiscyb3r.com
Services

What we deliver

Senior-practitioner-led engagements covering every dimension of cyber security.

🛡
Advisory
Cyber Risk Governance & Reporting

Enterprise risk assessments, executive-level reporting and thematic risk analysis. Board-ready dashboards aligned to NIST CSF and MITRE ATT&CK.

NIST CSFMITRE ATT&CKRisk Appetite
Enquire →
⚙️
Governance
GRC Framework Development

Security control design, implementation and testing. Governance frameworks aligned to ISO 27001, NIST and regulatory requirements.

ISO 27001CRISCControl Testing
Enquire →
🎓
Training
Cyber Security Training & Mentoring

Hands-on ethical hacking, OSINT and GRC training. EC-Council Certified Career Mentor. Live sessions, recorded access and interactive labs.

Ethical HackingOSINTGRC
View Courses →
🔍
Response
Incident Risk Management

Complex cyber incident management, impact assessment and post-incident improvement planning to build lasting organisational resilience.

Incident ResponseResilience
Enquire →
📊
Intelligence
Executive Threat Advisory

Senior stakeholder advisory on emerging threats, exploit relevance and technology risk. Proactive rather than reactive risk postures.

Threat IntelStrategy
Enquire →
🔄
Transformation
Security Transformation Programs

Cross-functional transformation initiatives balancing security, operational efficiency and customer experience — driving culture change at scale.

TransformationChange Mgmt
Enquire →
🕸
Offensive
API Penetration Testing

Deep manual analysis of REST, GraphQL and SOAP API endpoints. OWASP API Top 10 coverage — broken object-level auth, BOLA, mass assignment, injection and business logic flaws that scanners consistently miss.

OWASP API Top 10BOLA/BFLAAuth BypassGraphQL
Get a Quote →
🌐
Offensive
Network Penetration Testing

Internal and external network penetration testing emulating real-world threat actors. Firewall evasion, lateral movement, privilege escalation and Active Directory attack chains — from perimeter to domain admin.

External/InternalActive DirectoryLateral MovementPriv Esc
Get a Quote →
☁️
Offensive
Cloud Penetration Testing

AWS, GCP and Azure security assessments from the perspective of an external attacker and assumed breach scenarios. IAM misconfigurations, exposed storage, misconfigured services and cloud-native attack paths.

AWSGCPAzureIAM ReviewCSPM
Get a Quote →
🤖
Emerging
AI / LLM Penetration Testing

Security assessment of ML models and AI-powered applications against emerging threats. Prompt injection, jailbreaking, data poisoning, training data extraction and OWASP LLM Top 10 — the attack surface most organisations haven't mapped yet.

Prompt InjectionOWASP LLM Top 10JailbreakingRAG Security
Get a Quote →
🎭
Offensive
Social Engineering Assessments

Testing the human layer through phishing simulations, pretexting, vishing and physical security — tailored to simulate real-world adversary behaviour. The weakest link is always the human, not the firewall.

Phishing SimulationVishingPretextingAwareness
Get a Quote →
🔁
Assurance
Retesting & Remediation Verification

Security doesn't end at the report. We provide structured retesting to verify every finding has been properly remediated — with follow-up advisory, secure code review guidance and written confirmation of closure.

RetestRemediationClosure ReportDev Advisory
Get a Quote →
20+
Years Experience
Mission-critical environments
30+
Certifications
Security · Risk · Cloud · AI
GRC
Governance · Risk · Controls
ISO · NIST · MITRE
VP
Leadership Level
Strategic decision support
How We Work

Our Engagement Methodology

Every assessment follows a structured, manual-first process — no automation shortcuts, no box-checking. Zero false positives.

01
🎯
Scoping & Intelligence
Define attack surface, align expectations, identify technical scope and critical paths. Passive reconnaissance of public assets including subdomains, exposed credentials and source code leaks. Threat modelling based on your business logic and data sensitivity.
02
🗺️
Enumeration & Mapping
Manually enumerate all reachable assets, endpoints, APIs and application pathways. Explore parameter behaviour, authentication flows and third-party integrations. Catalog technologies in use — frameworks, CMS, CDN, libraries.
03
🔬
Vulnerability Analysis
Deep manual testing to detect both technical and logic-based vulnerabilities. Authentication flaws, access control issues, injection attacks, API security gaps, cryptographic weaknesses and application logic flaws that automated tools consistently miss.
04
Exploitation & PoC
Safe, controlled exploitation of verified vulnerabilities to demonstrate real-world impact — screenshots, logs and replication steps for every finding. Impact simulation showing data exfiltration, account takeover and privilege escalation paths.
05
📋
Reporting & Risk Analysis
Clear, actionable report balancing technical depth with executive readability. Executive summary, technical details, severity ratings aligned to CVSS and OWASP, and remediation guidance for every finding. Zero false positives guaranteed.
06
Retesting & Closure
Security doesn't end at the report. Structured retesting verifies every finding is properly remediated. Follow-up advisory, secure code review guidance and written closure report confirming remediation of all identified vulnerabilities.
Standards & Frameworks
OWASP Testing Guide v4 OWASP Top 10 OWASP API Top 10 OWASP LLM Top 10 NIST SP 800-115 PTES MITRE ATT&CK CVSS v3.1
Credentials

Flagship certifications

Every engagement delivered by a practitioner holding the gold standard credentials in cyber security, risk and governance.

CISSP
Certified Information Systems Security Professional
(ISC)²
Active
CISM
Certified Information Security Manager®
ISACA
Active
CRISC
Certified in Risk & Information Systems Control™
ISACA
Active
CISA
Certified Information Systems Auditor®
ISACA
Active
PMP®
Project Management Professional
PMI
Active
Courses

Hands-on training programs

Choose between live instructor-led sessions or recorded self-paced access. All courses include lab exercises and real-world scenarios.

Live + Recorded🟢 Beginner
Junior Penetration Tester
Master the fundamentals of network penetration testing. From reconnaissance to exploitation — building your foundation in ethical hacking.
24 hours
📚 8 modules
🧪 Lab included
NmapMetasploitKali LinuxOSINT
Live + Recorded🔴 Advanced
Professional Penetration Tester
Advanced exploitation, privilege escalation, lateral movement and professional report writing. For serious practitioners.
40 hours
📚 12 modules
🧪 Lab included
Privilege EscalationBuffer OverflowAD Attacks
Live + Recorded🟡 Intermediate
OSINT & Passive Reconnaissance
Master open-source intelligence gathering, passive footprinting, Google dorks, certificate transparency and DNS intelligence.
18 hours
📚 6 modules
🧪 Lab included
Google DorksDNSReconShodanWHOIS
Live + Recorded🟢 Beginner
Web App Junior Penetration Tester
Introduction to web application security. OWASP Top 10, Burp Suite basics, SQL injection, XSS and authentication bypasses.
20 hours
📚 7 modules
🧪 Lab included
OWASP Top 10Burp SuiteSQLiXSS
Live + Recorded🔴 Advanced
Web App Professional Penetration Tester
Advanced web app exploitation — SSRF, XXE, IDOR, API security, JWT attacks, GraphQL, OAuth flaws and professional reporting.
36 hours
📚 10 modules
🧪 Lab included
SSRFJWT AttacksAPI SecurityGraphQL
Live Sessions🟡 Intermediate
Cyber Risk & GRC Foundations
Enterprise risk governance, NIST CSF, MITRE ATT&CK, ISO 27001 controls, risk appetite and executive reporting frameworks.
30 hours
📚 9 modules
💬 Live sessions
NIST CSFISO 27001Risk Management
Live + Recorded🔴 Professional
CISSP Exam Preparation
Comprehensive (ISC)² CISSP prep covering all 8 CISSP domains. Risk management, cryptography, security architecture, IAM, and more — with practice questions and exam strategy.
60 hours
📚 8 domains
🎯 Exam focused
All 8 CISSP DomainsPractice QuestionsExam Strategy
Live + Recorded🔴 Professional
CISM Exam Preparation
ISACA CISM prep across all 4 domains — Information Security Governance, Risk Management, Program Development and Incident Management. Real exam questions included.
40 hours
📚 4 domains
🎯 Exam focused
IS GovernanceRisk MgmtIncident Mgmt
Live + Recorded🔴 Professional
CRISC Exam Preparation
ISACA CRISC prep — IT Risk Identification, IT Risk Assessment, Risk Response and Reporting, and IT Risk Monitoring. Perfect for GRC and risk professionals.
35 hours
📚 4 domains
🎯 Exam focused
IT Risk IDRisk AssessmentRisk Reporting
Live + Recorded🔴 Professional
CISA Exam Preparation
ISACA CISA prep covering IS Auditing, Governance, Systems Acquisition, IT Operations and Business Resilience. Guided by a certified CISA holder.
40 hours
📚 5 domains
🎯 Exam focused
IS AuditingIT GovernanceBusiness Resilience
Live + Recorded🟡 Intermediate
PMP® Exam Preparation
PMI PMP® exam prep — predictive, agile and hybrid project management. Covers the PMI Exam Content Outline with scenario-based questions and application strategies.
36 hours
📚 3 domains
🎯 Exam focused
Predictive PMAgileHybrid
Pricing

Simple, transparent pricing

Choose monthly or save 15% with an annual plan. All prices shown in your local currency.

Monthly
Annual Save 15%
Free
0 always
 
What's included
GHOST.RECON LabUnlimited
YouTube contentAll free videos
Interactive training lab
Free YouTube tutorials
Community access
Recorded course library
Live sessions
Certificates
Starter
2,500 /month
Annual: ₹2,125/mo — save 15%
Course hours included
OSINT & Recon18 hrs
Junior Pentest24 hrs
Web App Junior20 hrs
Total recorded access62 hrs
62 hours recorded content
3 course tracks access
GHOST.RECON lab access
Completion certificates
Email support
Live instructor sessions
1:1 mentoring
Pro
6,000 /month
Annual: ₹5,100/mo — save 15%
Course hours included
Everything in Starter62 hrs
Professional Pentest40 hrs
Web App Professional36 hrs
GRC Foundations30 hrs
Total recorded access168 hrs
Live sessions/month4 sessions
168 hours full library access
All 6 course tracks
4 live sessions/month
1:1 mentoring (2 hrs/month)
Priority support
All certificates included
Early access to new content
💬
Live Instructor Sessions — Custom Pricing
Live sessions are priced separately based on group size, duration and topic. Corporate team training, bootcamps and one-on-one mentoring are available on request. Contact us →
Free Content
Learn cyber security — free, every week.

The Aegis Cyber YouTube channel makes professional-grade cyber security knowledge accessible to everyone. Ethical hacking, GRC, OSINT, AI in security and career guidance.

Ethical Hacking Fundamentals
OSINT & Passive Recon
Cyber Risk & GRC
AI in Cybersecurity
MITRE ATT&CK Explained
Career in Cyber Security
Subscribe @AegisCyb3r
youtube.com/@AegisCyb3r
Aegis Cyber 🛡️
@AegisCyb3r
🎯 OSINT
Passive Recon Guide
⚙️ GRC
NIST CSF Simplified
🔍 Nmap
Nmap Zero to Hero
🤖 AI
AI in Cyber Security
Interactive Lab

GHOST.RECON Training Lab

The hands-on ethical hacking training platform — type real commands, earn XP, complete missions and get certified.

Live Interactive Platform
GHOST.RECON
An animated, mission-based cyber security training series covering Reconnaissance, Scanning and Enumeration. Type real hacking commands in a safe simulated environment.
10 Episodes · 3 Days · 12 Hours of structured content
Live terminal — type real commands, get realistic output
4 animated characters with unique expert perspectives
Instructor dashboard · Capstone mission · XP system
Certificate of completion awarded on finishing
🚀 Ghost.Recon Lab → 🎯 Day 1 Capstone — OSINT Lab →
Episodes
10 modules
Core Tools
Nmap · Metasploit
Skill Domains
12 unlockable
Access
Free — open to all
New Lab
OSINT Day 1 Capstone
OSINTGoogle DorksWHOISDNSReconNmaphping3MetasploitMAC Spoof
Brochure
Download our course brochure
Download the full 6-page course brochure instantly — no email required. Courses, pricing, credentials, methodology, GHOST.RECON lab and contact details all in one document.
🇬🇧 English 🇮🇳 हिंदी 🇨🇦 Français
📄 Brochure includes
🎯Full course catalogue & syllabus
Hours per course & schedule
💳Pricing & payment options
🎓Instructor credentials & bio
📍Pune · Montréal · Online delivery
Locations

Where we operate

Courses and consulting delivered from two countries, with global online access for everyone.

🇮🇳
Pune
Maharashtra, India
Headquarters and primary training centre. Live classroom sessions, corporate workshops and on-site consulting engagements across India.
Primary HQ
🇨🇦
Montréal
Québec, Canada
North American operations hub. Live sessions, corporate training and consulting for organisations across Canada and the United States. Courses available in English and French.
North America
🌐
Global Online
Worldwide Delivery
All courses available online via live Zoom sessions and recorded access. Students from any country can enrol and learn at their own pace with full lab access.
Worldwide
Why Aegis Cyb3r

What sets us apart

🎯
Senior Practitioner
Every course led by a VP-level expert with 20+ years in mission-critical environments — not a junior instructor.
📜
30+ Certifications
CISSP, CISM, CRISC, CISA, PMP, RHCSA, A-CCISO, CCSK, OSINT Pro and more — the most respected credentials in the industry.
🌐
Two Countries
Offices in Pune, India and Montréal, Canada. Live training, online access, and global delivery — in English, Hindi and French.
🎓
Free Learning Too
Weekly free content on YouTube @AegisCyb3r. Try before you buy — and our GHOST.RECON lab is always free.
Client Reviews

What our clients say

Trusted by organisations across banking, healthcare, technology and government sectors.

★★★★★
"The depth of the penetration test went far beyond what we expected. The team identified complex business logic vulnerabilities that our internal team had missed for months. The report was executive-ready and technically precise — remediation was straightforward."
VP
Vice President, Technology
Financial Services Firm — India
★★★★★
"AEGIS CYB3R helped us align our entire GRC framework to NIST CSF and ISO 27001 in under 90 days. The executive risk reporting they delivered changed how our board views cyber risk — from a technical concern to a business priority. Exceptional work."
CTO
Chief Technology Officer
Healthcare Technology Company — Canada
★★★★★
"The training program was unlike anything we had experienced before. Our security team came out with real skills — not just theory. The hands-on lab approach and the MITRE ATT&CK mapping made the learning stick. Highly recommended for any security team."
DI
Director of Information Security
Government Agency — India
Ready to secure your organisation?
Request a quote and we'll respond within 24 hours.
Get a Quote →
Contact

Let's work
together.

Available for consulting, advisory, speaking, live training and custom corporate programs. Reach out in English, Hindi or French.

✉️
🇮🇳
India
Pune, Maharashtra
🇨🇦
Canada
Montréal, Québec
Send us a message
We respond within 24 hours. Write in English, Hindi or French.

Senior-led cyber security advisory, governance and training. 30+ certifications. Two countries. Global delivery.
📍 Pune, Maharashtra, India
📍 Montréal, Québec, Canada
🌐 Global Online Delivery
Courses
Junior Penetration Tester Professional Pentest Web App Junior Pentest Web App Pro Pentest OSINT & Recon Cyber Risk & GRC
Platform
Starter — ₹2,500/mo Pro — ₹6,000/mo GHOST.RECON Lab (Free) YouTube @AegisCyb3r
Company
Services Credentials Locations Contact Us hello@aegiscyb3r.com
© 2025 AEGIS CYB3R · Pune, India · Montréal, Canada · aegiscyb3r.com