Author Elaine Harrison-Neukirch
In 2020, during the pandemic lock down, I decided to work on expanding my Cyber Security knowledge. I searched for free training and resources and found many valuable classes and conferences.
I am still taking advantage of free training. My plan for 2021 is to become proficient at CTFs (Capture the Flags).
Whether you have been in Cybersecurity for a while or are just starting to explore the field, I hope that these resources will be useful to you and your network.
Free Training Classes
I have participated in multiple classes. Some were live, others were recorded or self-paced. I prefer the latter as I usually take classes and work simultaneously, not ideal for live classes.
What I find most valuable about these classes and conferences is that the people who offer/ sponsor them, are not making a profit. They're simply giving back to the community!
These classes are offered by Wild West Hackin’ Fest (Black Hills Information Security). There are many “Pay what you can courses” available. This means you can take them for free or pay a minimal fee depending on your budget.
I have completed all of the John Strand courses. John is a fantastic instructor and engages the class through Discord. The John Strand courses requires a class VM and you should join the Discord channel to get the most out of class. If you miss anything, there are recordings available the next day. I have had to go back and follow along with the recordings a few times.
Password Cracking 101 + 1 with Will Hunt & OwenShearing
Getting Started with Packet Decoding with Chris Brenton
Regular Expressions, Your New Lifestyle with Joff Thyer
The pre-show Discord banter has become quite well known in our cyber security community. Black Hills has even created a Pre-Show Banter Tee shirt!
The topics vary but are always interesting. I suggest signing up for the Black Hills Infosec mail list so you are notified. These are also recorded in case you cannot attend.
They utilize Discord so be sure to subscribe to their channel if you want to participate.
3. DFIR Diva
DFIR Diva has soo many free resources that I haven’t even looked at everything yet. It is focused on Digital Forensics and Incident Response learning but contains resources for other security domain training as well.
I highly suggest following DFIR Diva on LinkedIn and Twitter. You will get the most recent free training info as well as the occasional code for a frere UDEMY class. In the past I have gotten codes for free Python, Google Cloud Exam Class, Ethical Hacking and others from the Linked in page.
This is a free hands-on workshop presented by SCYTHE. The workshop occurs on a monthly basis. If you are interested in learning more about Purple Teams and what is involved, this is a great workshop for you. I assist attendees and answer questions. I know first hand that people really enjoy this workshop.
The workshop an hour-long presentation about Purple Teaming. Attendees are provisioned with their own lab environment. Using a lab manual and SCYTHE's Adversary Emulation platform, attendees create create campaigns and launch payloads. If you ever wanted to create a Ransomware campaign and detonate a ransomware payload, this is the workshop for you.
The workshop also incorporates SRA’s Vectr and Elastic’s Kibana. I actually ended up working at SCYTHE after I took the free workshop and followed them on social media. That is how I saw that they were hiring.
Using ATT&CK for Cyber Threat Intelligence Training is a self-paced training class that walks the student through using MITRE ATT&CK in Cyber Threat Intelligence. I took this class when I first started working at SCYTHE because we incorporate MITRE ATT&CK into our platform. The class was a great intro to how to use MITRE ATT&CK and helped me become more efficient at gathering intel from the matrix.
Early this year, I was studying for Comptia’s Security + exam. I utilized Professor Messer’s training videos. He explains the concepts clearly and using recorded materials works best for me. I often play them while I work. There are two other free training video categories: Comptia’s A+ and Networking+ exams. Practice tests and in-depth notes are also available to purchase.
In the spring of 2021, FRSecure offered a free weekly CISSP training class. The slides are available on the website. All sessions were recorded and are available on their YouTube Playlist.
Free Virtual Conferences and Summits
SANS is offering it’s 2021 Virtual Summits for FREE! 2021 Upcoming Summits include:
Earlier in 2021, SANS held a Purple Team and and DFIR Summits. If you are not already subscribing to SANS mail list, i suggest that you do. You will get up to date announcements on new summits as they are scheduled.
If you are not able to attend the entire summit or miss sessions, a recording will be available in your SANS account.
2. Grimm Con
Grimm Con is a free virtual conference offered by Grimm. It was born of the Pandemic, when in person conferences were being cancelled.
There are two Tracks, the newbies and seasoned speakers. All talks are recorded and available on their You Tube Channel. To get the full conference experience, sign up for both tracks and subscribe to their Discord channel.
The next Grimm Con will be held in December 2021. They are currently accepting talk proposals if you are interested.
3. Unicon
Unicon is a free virtual conference organized by SCYTHE. The conference is held on National Unicorn Day (April 4th). Talks include topics such as Purple Teaming, Risk Assessment, Ransomware, etc.
2021 talks are available on the Unicon YouTube channel.
I will admit to being partial to this event as I am SCYTHE unicorn and I love being part of the Herd!
4. Cactuscon
Cactus Con is one of the largest hacker conferences in Arizona. It is a free virtual conference. The next scheduled Cactus Con is February 4-5, 2022. This is another conference that has a lot of communication on its Discord server so be sure to subscribe if you do attend the conference. Cactus Con 2021 talks are available on the their YouTube channel.
I vote for continued virtual training
Although in person classes and conferences are again an option, many of us may not be ready to do so. For those of you who prefer to continue to social distance, These awesome online classes and events gives us that option.
We can continue to learn, grow and network (virtually).
If you know of any additional classes or conferences available, please feel free to message me on LinkedIn as I am always looking for new resources to use and share.
About the Author: Elaine Harrison-Neukirch has over 10 years of experience in cyber security working in the healthcare and financial services industries. She currently runs the customer support program at SCYTHE. Elaine loves giving back to the community and volunteers for the Cyber Security Non Profit (CSNP.org) and has written several blogs for them. Elaine advocates for Women in Cybersecurity; she is a member of both Women in Cybersecurity and Women’s Society of Cyberjutsu.
@rubysgeekymom
Comments