Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
 

13 Free InfoSec Training Resources For IT Pros

By - Source: Toms IT Pro

The amount of free information security training is growing daily, but whittling your choices to the good stuff isn't always easy. Take a look at our best list.

There are all kinds of free training resources available for information security professionals. They typically come in two flavors — those designed to help prepare you for a security certification or to fill in security knowledge gaps. While some courses require you to sign up, others start with just one click, so you can browse and decide pretty quickly if they're right for you.

Note: After trying some of the free courses, if you feel you need more extensive training and have the budget, check out our Best Training Options For IT Pros article. It details high-quality, paid training that's available online or in training centers across the U.S.

MORE: Best Information Security Certifications

Cybrary

Longtime IT and cybersecurity trainers, Ralph P. Sita, Jr. and Ryan J. Corey, launched Cybrary in January 2015. The Cybrary course catalog is impressive — it contains more than 30 courses spread across systems administration, network administration, cloud computing and cybersecurity. The bulk of the courses are geared toward some IT certification, such as the Certified Ethical Hacker (CEH), (ISC)2 CISSP and Microsoft Certified Solutions Associate (MCSA); while other courses focus on skills, like using the Metasploit Framework, Python for security professionals and malware analysis and reverse engineering.

All courses are delivered online, and include lectures, interactive lab demonstrations and study guides.

Information Assurance Support Environment (IASE)

The Information Assurance Support Environment (IASE) offers a bevy of interactive web-based training courses that cover cybersecurity awareness, cybersecurity for senior leaders, professionals and technical professionals, cyber law, NetOps and DoD cyber tools. Each course takes 20 minutes to longer than 1 hour to complete.

IASE also offers CyberProtect, a DoD game-like simulator that puts you in charge of security for an entire IT infrastructure. You choose security tools and deploy them on the simulated network, and then make decisions about mitigating risks, threats and vulnerabilities. It’s fun and educational, all at the same time.

InfoSec Institute

The InfoSec Institute offers a multi-module video-based course on CISSP cryptography, typically the most challenging part of the CISSP exam for most candidates, as well as a free, downloadable CISSP study guide. The latest version of their document The CISSP Domains bears the subtitle 2015 Update, and is entirely in sync with the current structure and contents of the CISSP Common Body of Knowledge.

InfoSec Institute site visitors can also take progressive, custom and simulated CISSP practice exams through Skillset.

National Institutes of Health (NIH)

The National Institutes of Health offers mini training courses on information security, privacy and security awareness. All courses take less than one hour to complete. Here's the complete course list as of this writing:

Offensive Security Metasploit Unleashed

If you're interested in learning how to use the Metasploit Framework and Metasploit Pro for penetration testing, check out Offensive Security's Metasploit Unleashed course, put together in part by the authors of "Metasploit: The Penetration Tester's Guide" (No Starch Press, 2011). Although the course is free to all, Offensive Security asks that satisfied course takers make a small donation to Hackers for Charity.

SANS Cyber Aces Online

The folks at the highly regarded SANS Institute offer information security courses and tutorials through SANS Cyber Aces Online. Geared toward high school and college students, instructors, military vets and pretty much anyone looking for a job in the information security industry, the courses are designed to help people gain essential security knowledge.

To date, three modules are available, each of which consist of several video-based modules (with or without quizzes):

  • Introduction to Operating Systems
  • Networking
  • System Administration

SANS states that the courses "are the same as those offered to information security professionals around the world," which we assume means via SANS training events.

FEMA National Training and Education Division

FEMA's National Training and Education Division includes a number of free self-study courses on cybersecurity for non-technical workers and IT professionals. These free courses cover digital forensics, cyber law and cyber ethics, information risk management, and more. The only downside is that you have to apply for each training course you want to take and the process might vary slightly by state. As of this writing, the catalog includes 25 courses under the heading of “Cyber Security” on topics that include cyber-terrorism and response, critical infrastructure security and protection, web-based security and risk management, and more. It is disaster or service interruption oriented, as you’d expect from the Federal Emergency Management Agency.

(ISC)2 Center for Cyber Safety and Education

The International Information Systems Security Certification Consortium is usually denoted (ISC)2 and pronounced “eye-ess-cee squared.” This is the certification sponsor for the CISSP and numerous other high-value information security credentials. They also offer a variety of training materials related to safe and secure computing, including courses for parents and guardians, children, seniors and more. Created in concert with the Center for Cyber Safety and Education, these materials are useful for end users or for anyone trying to get a handle on basic information security concepts, tools and best practices.

Heimdal Security’s Guide to 50+ Cyber Security Online Courses

Heimdal Security is a vendor that offers information security tools and systems, with a particular focus on the financial services industry and data protection and privacy. (Heimdal was the Norse deity responsible for monitoring the security of the Bifrost bridge that linked Asgard to the Earth.) The company has put together a nice compendium of cyber security courses online. You can click directly into categories for free security training for beginners and advanced professionals that will narrow your search immensely, if you like.

Cal Poly Information Security: Security Training Materials

The California Polytechnic State University has compiled a nice collection of links to posters, videos, quizzes and professional development opportunities for students, faculty and staff. You’ll find information about password protection, home computer security, identity theft, phishing and spyware, and more, with quizzes to back up those materials (and make sure you understand what you’ve learned).

Risk3Sixty: Free Information Security Training Materials

These materials include a training video, plus a follow-up examination and answer key, designed to help companies and other organizations teach their employees about basic information security principles and best practices. It’s an interesting way to see what passes for security awareness and consciousness training nowadays, and is meant to give companies a leg up in training their workers to practice safe computing and resist social engineering and other forms of attack.

OWASP: Education/Free Training

OWASP stands for Open Web Application Security Project, and represents a broad industry group of IT and development professionals interesting in promoting the development and secure use of web-based applications and services. This collection covers topics of great interest to developers who build and test such things, and administrators who must install, secure and maintain them. The materials list includes more than 14 course units of the material on the general subject of Application Security, and is well worth auditing for developers and for practicing and aspiring security professionals as well.

CyberSecurity MOOCs: Free Online Cyber Security Courses

MOOC is an acronym for Massive Open Online Courses, free online university-level courses that are gaining huge popularity and attendance among interesting parties and IT professionals around the world. This compilation includes more than 20 MOOCs from institutions such as MIT, The Open University, the University of Maryland, Excelsior College and many more. For those seeking serious, college-level exposure and coverage to the topic, this is probably the best single resource in this story.

Comments