Hey! My name is Alexandria, and I am a Developer Advocate intern at BluBracket. At BluBracket, I’ve had the opportunity to work with a fantastic team and learn in public all things related to code security. To me, “Learning in public” means sharing the resources I’ve used on my journey. So here’s a list of cybersecurity and information security resources that helped me in the past year.
2021 was a year of learning and productivity, and 2022 will be no different. I have improved my Twitter thread that focused on cybersecurity learning resources. This list includes virtual labs, hands-on training, and the potential to earn certificates. This thread includes free & paid resources.
TryHackMe provides hands-on labs for users of all levels through the online learning platform. Users can choose specific learning paths such as Junior Penetration Tester or Web Fundamentals to gain a better understanding of what cybersecurity field they may be interested in. Some of my web developers may find the Web Fundamentals Path and courses related to BurpSuite and OWASP helpful in learning about common web application vulnerabilities.
PortSwigger’s Web Security Academy offers walk-throughs and hands-on labs about common web application vulnerabilities. Their Getting Started Guide is a perfect place to start if you are unsure which topic to focus on in web security. There are three topics: client-side, server-side, and advanced topics. PortSwigger offers the Burp Suite Certified Practitioner exam for those looking to become certified!
We Hack Purple provides resources and training to support developers in writing secure code. I have taken their Secure Coding course and started their Application Security course (great for technical and non-technical). I found myself taking away points I even applied in my previous internship as I worked on SDLC documentation. To help get started, they offer free mini-courses with options including Incident Response and API Security.
Note: These courses offer certifications as part of completion!
I admit that I have yet to try one of TCM Security’s courses, but I included it on the list because of its continuous positive reviews in the Tech Twitter Community! The founder, @Cybermentor on Twitter, is someone that I always notice seeks to help out others as much as they can on the timeline. The cybersecurity company is veteran-owned and focuses on providing cybersecurity training and compliance-related services. The TCM Security Academy offers a wide range of foundational courses (ex. Python 101 for Hackers, Linux 101, OSINT Fundamentals, etc.)
Roppers Academy offers many introductory classes, such as Capture the Flag, Computing Fundamentals, Security, and more. As you go through the courses, there is homework which you receive live feedback and answers to any questions you may have (my favorite part)! Once you have completed the course, they offer resume reviews.
Cybrary is a popular learning platform for cybersecurity interests; they offer five different categories to work in: cybersecurity, IT, cloud, data science, and DevSecOps. They offer career development resources such as LinkedIn profile reviews and resume reviews. Cybrary prepares you to have those on-the-job skills through its virtual labs.
Simply Cyber contains a list of free cybersecurity resources that include books, podcasts, labs, news, resume templates, and far more!
FedTVE offers a select few cybersecurity courses to the public. For veterans, you can receive access to over 60 cybersecurity courses. These courses are alongside the NICE (National Institute of Cybersecurity Education) Workforce Framework.
Cisco Networking Academy offers both: instructor-led and self-paced technology courses. If you are interested in networking, cybersecurity, programming, and more, this learning platform would be great for you! Another bonus is the platform offers certificates of competition.
Free Udemy Courses
If you are not looking up “Free Udemy Courses” on LinkedIn and Reddit, you are missing out!