Linkz 4 Free Infosec and IT Training

In this day and age budgets are shrinking, training funds are dwindling, and the threats we face continue to increase each day. It's not feasible to solely rely on training vendors to get your team up to speed. Not only does it not make sense economically but for your teams to increase and maintain their skills they need to be constantly challenged. In this edition of linkz I'm linking to free training resources one can use to increase their own or their team's skills.

This post may be one you want to bookmark since I'm going to keep it up to date with any additional free online training resources I come across.

ENISA CERT Exercises and training material

The ENISA CERT has some exercises and training material for computer security incident response teams(CSIRTs). The material covers a range of topics such as: triage & basic incident handling, vulnerability handling, large scale incident handling, proactive incident detection, and incident handling in live role playing. This material will be of use to those wanting to do in-house training for people who are responsible or involved with responding to and/or handling security incidents.

Open Security Training

Open Security Training.info has posted some outstanding information security training. To demonstrate the depth of what is available I'll only touch on the beginner courses. These include: Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration, Introduction to Network Forensics, Introduction to Vulnerability Assessment, Offensive, Defensive, and Forensic Techniques for Determining Web User Identity, and Malware Dynamic Analysis. If anyone is looking to take free security training then Open Security Training should be your first stop.

SecurityXploded Malware Analysis Training

The SecurityXploded website also offers free malware analysis training. The current offerings are Reverse Engineering & Malware Analysis Training and Advanced Malware Analysis Training. For anyone wanting to explore malware analysis then one of these courses may be helpful.

DHS/FEMA Online Security Training

The next resource provides various security courses by the DHS/FEMA Certified Online Training over at the TEEX Domestic Preparedness Campus . The courses offered on this site aren't as technical as the other resources I'm linking to. However, the content shouldn't be overlooked with topics such as: Cyber Incident Analysis and Response, Information Security Basics, Information Risk Management, and Secure Software. These courses are not only useful for people who are on a security team but I can see these being beneficial for anyone wanting to know more about security.

College Courses on Coursera

"Coursera is an education company that partners with the top universities and organizations in the world to offer courses online for anyone to take, for free." The courses available are on a range of subjects; just like the offerings at your local universities. As it relates to InfoSec and IT, there are courses in Computer Science, Information Technology, and security related topics.

Microsoft Virtual Academy

The next resource will definitely be useful for anyone wanting to learn more about Microsoft's technology. The " Microsoft Virtual Academy (MVA) offers online Microsoft training delivered by experts to help technologists continually learn, with hundreds of courses, in 11 different languages." The available courses are on a range of technologies including: Windows, Windows Server, Server Infrastructure, and Virtualization. One of the more interesting courses - as it relates to incident response- is the Utilizing SysInternals Tools for IT Pros course.

PentesterLab

The next resource is on the offensive side of the security house. " PentesterLab is an easy and great way to learn penetration testing." " PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities." The available exercises include but are not limited to: Web Pentester, Web Pentester II, From SQL Injection to Shell, and Introduction to Linux Host Review.

Metasploit Unleashed

Continuing on with the offensive side of the security house is Metasploit Unleashed.  For anyone looking to learn more about Metasploit should start out with this course for a solid foundation about the framework.