How to get started in Cyber Security 2021
Updated: Dec 14, 2021
The Information Security industry is booming and there hasn't been a better time to enter! Although prior cyber security experience isn't necessary, many professionals entering the industry would have a strong advantageous IT background.
If you have absolutely no prior cyber security knowledge definitely keep reading.
I'm gong to briefly go over 4 different areas to help you build your information security knowledge base.
Free (and paid) online training.
Cybrary is one of the fastest growing platforms for on demand cyber security training with over 2.5M registered users. Some of the courses they provide are; Advanced Penetration Testing and courses to help prepare for the CCNA, CompTIA security+.
Udemy is the worlds largest online provider of video courses, with hundreds of courses in the area of cyber security.
Immersive labs are an online fully interactive platform to provide cyber security training in a gamified way. This is a personal favourite of mine as they have labs ranging from threat hunting to malware reverse engineering.
Hack the box is a platform allowing those wanting to pursue a career in penetration testing to flaunt their skills by hacking into real machines. A must for those wanting to pursue Penetration testing as a professional career.
Department of homeland security provide free training in the area of industrial control systems, to help reduce risks across critical infrastructure.
Root me are a free platform to develop information security skills in a number of areas; Networking, forensics, web-app pentesting and cryptanalysis.
Hackerrank is a platform to help develop your coding skills with over 7M registered users.
Tryhackme, much like Hack the box is an online platform that teaches cyber security through hands-on rooms.
TCM (The Cyber Mentor) is a youtuber that provides free cyber security and penetration testing style video tutorials.
JackkTutorials provides various videos about information security and also uploads Hack the box walk through videos.
LiveOverflow is a youtuber that uploads videos about information security.
Nullbyte provide hacking tutorials and affirmative videos in areas such as wifi hacking and password cracking.
HackerSploit provide various cyber security related videos and also Hack the box walk through videos.
Grant Collins is an educational youtuber in the area of Cyber Security and often does videos helping those who want to get started in Cyber Security.
Ippsec Everyone knows, or should know Ippsec. He does CTF walkthroughs and hacking how to videos. His channel is a must if you use Hack The Box or are preparing for the OSCP exam.
Hacking articles are a blog that provide numerous hacking tutorials and CTF challenges.
Hacksplain are a platform that provide tutorials and explanations on how to exploit vulnerabilities in web applications. They also walk through how they work and the mitigation's to protect against them.
Pentesterlab are a platform where you can learn web application penetration testing
Insidesherpa are a virtual internship platform and have a number of programmes which you can sign up for. One of which is the Commonwealth Bank technology internship where you can take Cyber security career module.
HackThisSite is a website that allows users to practice network penetration testing.
Vulnhub is a site that provides virtual machines that are designed to be vulnerable by design and are used to practice penetration testing.
SQLZOO is a site where you can learn about SQL and also practice some SQL injection attacks
Web application exploit and defences is a site that teaches you how to find security vulnerabilities in web applications and also how to exploit them.
Portswigger Academy is probably the #1 place on teh internet to learn Web Application hacking.
There are loads of relevant certifications that will enhance your skill set and make your more employable. Here I just list a few vendors, with bias towards penetration testing certifications as that is the career path I am pursuing.
CompTIA, Offensive Security, INE (Elearn Security), GIAC, ISC2, Zero Point Security, TCM Academy and many more... Lastly, start a blog and start some projects of your own. Build up your own personal portfolio to showcase your skills.