HACKER Q&A
📣 swooppoop

How to spend (IT security) training budget


I am a mobile security engineer and we have a training budget of 1100€ per employee at our company.

I can't really think of anything I'd really need, but I also don't want it to go to waste. Also there are so many good free resources available online.

Do you have suggestions on how to best spend it?

Ideas I had: - Books (I mainly read online blogs) - Hardware (I have a tablet for reading, a raspberry to deploy mini projects and testing devices) - Certifications (Don't really need them currently and not a big fan of the time constrained certs as I'd have to renew them) - Courses (There are a lot of good free courses I can do) - Access to platforms (e.g. Hack The Box, TryHackMe, ...) - Soft skills trainings

  👤 WalterGR Accepted Answer ✓
> books

O'Reilly Learning[0] is amazing. (Of course, your employees would have to read the books...)

https://www.oreilly.com/online-learning/

It's $499 per year per user.

[0] Formerly O'Reilly Safari Books Online.

👤 rschachte
Udemy Personal Plan. Unlimited video courses. Many courses for many things, I learn a lot in there. There are varying degrees of depth. Everything from compilers, x86 reverse engineering to Next.JS dev
👤 badrabbit
I would say SANS but you can't afford it. Even blackhat briefs only cost more (they have trainings+defcon too). Beyond entry level stuff, either you need $3-8k/person or you stick with free videos and blogs that are nowhere near as good but still better than nothing.

I don't know what your title means, do you work with apps or secure the infrastructure apps talk to? If your focus is strictly on software/code security disregard my advice (although since you mentioned tryhackme, my opinion might still be relevant)

👤 paskozdilar
I just started working in the industry a couple years ago so please take what I say with a grain of salt - but in my experience, learning from a skilled person is much more efficient that any other form - a person can adapt the topic to your level of understanding, immediately clearing any misunderstanding. So wouldn't it be more efficient to hire a skilled person in your target field to teach you?
👤 rdubs333
I am working on a STEAM Innovation/Creativity drawing test for team building exercise. If you would like to experience it we can jump on a call.

MTREES.io

There is a free manual about product and systems design and a pay for test that humans take and come up with a product or a creative solution. Then share the results and crown the queen!

👤 eswat
Look for courses/certifications that don't need to be renewed but are still highly recognized, like stuff from Offensive Security (though they don't have anything mobile specific).
👤 aviditas
I would do a combination of making a lab environment for hands-on exploration and quality low cost training like from the BHIS folks at antisyphon training. antisyphontraining.com
👤 methusala8
you said : Courses (There are a lot of good free courses I can do).

Can you mention any good courses which are free?

👤 xyzzy123
You could send the team to a good local-ish security conference, with nice accomodation.