Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: What Can You Learn On Your Own? SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
What Can You Learn On Your Own?
We are all privileged to work in the field of information security. We also carry the responsibility to keep current in our chosen profession. Regularly I hear from fellow colleagues who want to learn something, but do not have a training budget, feel powerless and sometimes give up. I would like to share several approaches that can be used to bridge this gap and will hopefully inspire a self-investment both this weekend and beyond. None of these ideas cost anything more than time.
I decided to borrow an idea from an informal mentor, something I generally give them credit for, but not always. I decided to wake up early each morning with the intent to learn something new every day. Maybe the something is a new tool, a new linux distribution or taking an online class. Having done this now for the last 7 years, I can say without hesitation or regret that it has been pivotal in making me a better me. I am convinced that applying just a little bit of incremental effort will serve you well as well.
Ideas to get you started:              
  • SANS Webcasts and in particular their Archive link                         
  • Serve as an informal mentor to a junior team member, while being open to learn from them 
  • Volunteer help out in a local information security group meeting
  • Read that book on your shelf that has a little more dust that you would like to admit
  • Subscribe to Adrian Crenshaw’s YouTube channel 
  • Be intentional by creating a weekly appointment with your team in order to learn something new over a brown bag lunch
  • Foster an environment that facilitates a culture of learning
After considering this topic for a long time, I want to ask this question - What are you doing to invest in yourself, particularly in ways that do not cost anything but your time? Please leave what works for you in our comments section below.
Russell Eubanks
I will be teaching next: Security Strategic Planning, Policy, and Leadership - SANS Security East 2022


100 Posts
ISC Handler
May 7th 2017
There are MOOCs (Massive Open Online Courses), which are usually available to audit for free. For example, "Cyber Security Basics: A Hands-on Approach" (<!>). See also Microsoft Virtual Academy (

23 Posts
Excellent resource that made me remember these as well:

iTunes technology podcasts —>…

Higher Education podcasts —>…

iTunes U in the Apple App Store —>…

A quick Google search for security classes on iTunes U yielded many surprising results

Thanks for supporting the SANS Internet Storm Center!

100 Posts
ISC Handler
Start a blog. Even if no one else reads it, it's a great way to document what you've been working on (I use mine as a reference all the time) and by writing it, you're forced to present the work in a formal matter. It really makes you think about what it is you are learning and teaching, and helps cement that knowledge in your mind.
I tend to listen to a collection of Podcasts every morning to prep for my day, ISC Stormcast, Cyber Daily, Risky Biz. Then I browse reddit/r/netsec and other InfoSec sites to keep up on the news and I tend to learn something about a different security domain everyday.

Additionally at some point in the day I read a a few pages / a chapter in whichever InfoSec book I am reading in that given week.

1 Posts
I find the internet, digging, and volume, lots of volume is the best way to learn things on your own. Believe it or not i learned linux system structure and most of the cli interface at the age of about 13 by doing what? reading lots of man pages.

you know what else is great for learning? and the rfc section.

also the list serve mail lists for many groups like

you may not understand many of the documents or theories, but you end up liking what someone is talking about so you dig deeper.

my most recent self learned topic, ssl handshake packet structure and analysis through this rfc

so i would say reading is the number one way to "self learn"

edit: and of course the daily diaries at ;D

67 Posts

Sign Up for Free or Log In to start participating in the conversation!