Free Security Training Resources
Security is an important topic. Here are some free training resources to help you get up to speed on security.
I've been talking a lot with Steve Summers lately. He's NI's internal champion for test system security. I interviewed Steve for the LabVIEW Experiment and Software Engineering Radio (Episode 668 not yet published). Through those conversations, he invited me to help him with a presentation on Test System Security at NI Connect this year.
In prepping for that presentation, it became clear that the US Cybersecurity Maturity Model Certification (CMMC) and the EU's Cyber Resilience Act (CRA) recommend/require ongoing cybersecurity training for developers. So I did some research about training options. I found some great free training options to share with you all.
ISC2 Certified in CyberSecurity (CC)
ISC2 (pronounced eye-es-see-squared) is offering free Certified in CyberSecurity (CC) training and exams. I actually went through this recently. The course is an online course full of videos, flashcards, and a sample exam. I lost track of exactly how much time it took, but it was a few hours here and there at night over the course of a few weeks. Then there is a 100 question multiple-choice test at the end. It's all free.
It reminded me of the CLA exam. A lot of it was centered around terminology. In the CLA you learn about terms like block diagram, front panel, control indicator, etc and just the very basics of how LabVIEW works - Basic Dataflow, looping, queues, notifiers etc. It doesn't make you a LabVIEW expert, but you can hold a conversation about it. The CC Exam was very similar - A lot of basic terminology around incident response, business continuity, disaster recovery, threat modeling, encryption, confidentiality, integrity, availability, different types of access control, etc.
Semgrep Academy
After listening to Tanya Janca talk about secure coding on SE Radio, I discovered Semgrep Academy. Semgrep is a tool for searching text-based source code that can be used for static analysis to discover various vulnerabilities in your code. They also run Semgrep Academy where they offer a bunch of free online video courses. They cover topics like Secure Coding, Incident Response, and Application Security Foundations. I'm working through the Application Security Foundations now. It's about how to create a Secure Software Development Process.
Need Help Incorporating Security Into Your Test System
If you need help incorporating into your test system, let's talk! Use the button below to reach out.
