Free Cybersecurity Courses for Beginners

Article

There are many different ways to learn about cybersecurity online, from free videos on YouTube to fully accredited university degrees costing thousands of dollars. In this article, we've put together a comprehensive curriculum of free online courses which can teach you everything you need to know to get started in cybersecurity.

The courses include several MOOCs (massive open online courses) and resources from other online learning sites and YouTube. MOOCs are online courses that are open to all and mimic traditional learning by using various delivery methods (such as filmed content, course notes and practical exercises) and often providing user forums to promote interaction between learners and teachers. Many well-established institutions offer MOOCs which are related to cybersecurity. MOOCs are a great way to access high-quality teaching for those new to cybersecurity.

Not everyone learns in the same way, and there are other sources online which focus on specific industry certifications or on introducing more hands-on skills. It is vital to balance understanding some of the more theoretical foundations with practical experience with tools and techniques.

There are thousands of resources out there, ranging from free to $1000s. Here, we're giving you an overview of some good quality free resources that will teach you all the basics that you need to know.

You can find links to all of these great courses at the bottom of the article.

Can I really learn cybersecurity online?

Absolutely. Although there will always be benefits of learning things 'in person', the combination of more theoretical, 'college style' courses can be combined with practical labs (also available online) to learn the range of skills needed for a career in infosec (information security).

You won't become an expert just by watching videos - it's essential to make sure you get hands-on using different tools and technology. You can do this through an online platform or just using your own virtual machines in a 'home lab' environment.

To get started on your cybersecurity learning path, look at the courses below and see what interests you. It can be tempting to skip ahead to start using tools, but understanding some of the foundational technologies will equip you with the core skills needed to thrive in the field - don't feel obliged to complete them all, though!

How do beginners learn cybersecurity

Cybersecurity is a broad subject area, so it can be challenging to know where to start. Some of the basics include:

Once you have got to grips with the basics, you can start thinking about what you want to specialise in. For example:

The courses outlined below will give you the grounding you need to get started. Still, it is also vital to read up on areas that interest you and develop familiarity with the tools and technologies mentioned by doing practical exercises and labs where possible.

Coursera - Internet History, Technology, and Security

Duration: 15 hours

Coursera was one of the first large MOOC platforms and today offers many courses from a broad range of providers. The 'Internet History, Technology, and Security' course is offered by the University of Michigan and taught by Dr Charles Severance.

This course provides an excellent grounding to build on - the Internet is a critical component to almost all cyberattacks, so understanding how it works and why it is the way it is today is very valuable.

The 15-hour course covers how the web came about, the technologies (such as packets and protocols) that make the internet possible, and an introduction to how it can be secured.

edX - Introduction to Linux (LFS101x)

Duration: 14 weeks, 5 - 7 hours per week

edX is another well known MOOC platform and was created by Harvard and MIT in 2012. Linux is a computer operating system (like Windows or macOS) used by most web servers on the Internet and is also used by cybersecurity professionals worldwide. Therefore, if you want to pursue a hands-on career in cybersecurity, developing familiarity with Linux is a valuable skill to learn early on.

'Introduction to Linux' is offered by the Linux Foundation, an organisation central to the Linux ecosystem. The course is designed for people with no previous experience using Linux and will give you an excellent working knowledge of the operating system upon completion.

Topics covered include:

edX - CS50 Introduction to Computer Science

Duration

Over 2 million people have enrolled in Harvard's CS50 course on edX. The course is focused on general topics rather than cybersecurity, but if you're serious about the more technical side of cyber, having a solid understanding of computer science, including programming, is critical. It is a lot easier to 'break things' if you first understand how they work.

This is an entry-level course that teaches the foundations of computing (such as data structures and algorithms) and touches on a range of languages such as Python, C and SQL. Knowing how about data structures will help if you later want to learn related security concepts (such as buffer overflows) and understanding languages such as SQL will help you understand their vulnerabilities (such as SQL injection).

This is a self-paced course with video lectures and regular problem sets that provide practical exercises to understand and apply the taught material.

freeCodeCamp - Python for Penetration Testing

Duration: 2 - 3 hours (approx)

freeCodeCamp is a fantastic resource for learning to code for free! The main focus of their curriculum is web development and javascript, but they also have a great hands-on course focused on Python.

This short course will combine the skills you've learnt about how networks work with hands-on programming tasks. It starts by helping get your development environment set up before leading you by developing useful network security tools - a banner grabber and a port scanner. These tools mirror packages that penetration testers use every day (such as netcat and nmap). By building these yourself, not only will you learn more about Python, but you will also better understand at a fundamental level how these technologies work.

Once you have completed the course, why not try extending the project to add additional functionality, such as using sockets to send information as well as retrieve it?

FutureLearn - Introduction to Cyber Security

Duration: 8 weeks, 3 hours per week

The 'Introduction to Cyber Security' course on FutureLearn is offered by the Open University, supported by the UK Government's National Cyber Security Programme, and accredited by GCHQ Certified Training and IISP. The course provides a high-level overview of key cybersecurity areas, including:

Coming into this course with some background in networking and computer science isn't essential. However, having learned some foundational concepts through the earlier resources we have suggested, you will be now able to focus on the security aspects. The subjects covered could each be a course in themselves, so this is a good chance to understand which areas of infosec most interest you and what you might want to learn next.

Professor Messer's CompTIA Security+ and Network+

Security+ Duration: 15 hours Network+ Duration: 12 hours

Industry certifications and qualifications are one way of demonstrating your cybersecurity knowledge. If you're thinking of studying for an initial cybersecurity certification, the free resources put together by the team at Professor Messer are a great place to start. Two entry-level qualifications for cybersecurity are Network+ and Security+ offered by CompTIA, and Professor Messor provides a great set of videos to cover them both.

The Security+ (SY0-601) course covers:

The Network+ (N10-007) course covers:

If you wish to sit the relevant certification exams, you must arrange this separately through CompTIA. Formal qualifications like this aren't essential to have a career in information security. It is equally important, if not more so, to demonstrate a passion for the subject which can be shown through personal projects such as development and use of your own' home lab' and tools (which you may choose to publish somewhere like Github). Different employers will look for different qualities in candidates.

Ethical Hacking Courses from freeCodeCamp

The above courses will expose you to all the topics and concepts you need as a beginner; it is also important to be exposed to the different tools and technologies used by cybersecurity professionals. If you want to get hands-on and learn about offensive security techniques, freeCodeCamp has put together some comprehensive YouTube courses to help.

To get started with these, it helps to have some familiarity with Linux already, which you can gain with the Introduction to Linux course above. These courses focus on ethical hacking, and it is essential to remember the ethical part of that. Set up a safe home lab environment where you can experiment without breaking any legislation - don't try these techniques on assets or IP addresses that you don't have permission to test against.

Web App Penetration Testing - Full Course

Duration: 3 hours

If you want to focus on the security testing of web applications, this is a good place to start. This 3-hour course will introduce you to commonly used tools such as Burp Suite, Zap and DirBuster. The video uses these real-world tools to explore different attack classes commonly seen in websites, including cross-site scripting (XSS), cross-site request forgery (CSRF) and SQL injection (SQLi). You will put into practice against an intentionally vulnerable test environment, the Damn Vulnerable Web App (DVWA)

Full Ethical Hacking Course - Network Penetration Testing for Beginners

Duration: 15 hours

This is a comprehensive course from freeCodeCamp and 'The Cyber Mentor' (TCM). Rather than web apps, this course focuses on network penetration testing - skills relevant if you are interested in becoming an offensive security consultant (pen-tester) or red teamer. The course will build on your Linux and Python skills and teach you different stages of penetration testing, including


References

Learn more about this topic by checking out these references.