I love my job, I really do! Being a web designer gives me the opportunity to play around with my creativity, but also apply my “logic brain” when it comes to the structure of a website or the coding.
But for a while now, one of my passions is Cyber Security.
I always found Hackers fascinating, the idea of transforming something to do something different is appealing.
To a certain extent, we web designers do that too. In programming or for example in WordPress themes, there are limitations.
So we’re trying to find a solution, a workaround for the theme, or a solution the programmers didn’t think of.
That’s what I find most interesting. I love to play around with themes and make them do things they are not intended to do.
Why learning something new?
Cyber Security is gaining momentum, there is more and more talk about the safety of websites and web applications.
But, at least where I live, most people don’t really think about security at all, when it comes to their websites. And I think, that is going to change in the future.
Building more secure and safe websites is going to be the standard, I am sure. And this is what I want to be able to do.
I want to really understand what is possible and what vulnerabilities we as web designers are dealing with in our development process.
And to really be able to build secure websites, I need to see things from the other perspective, the hacker’s side.
Getting started was hard work
Getting started with Cyber Security was not easy for me.
I felt overwhelmed with all the information that is out there, didn’t know where to start and in what topics to look into.
I have no background in computer science and rarely looked outside my website bubble into all the internet or computer stuff. All I knew about networks was what half-knowledge I needed to get my websites running.
Frustrating as it is, I knew, there is a lot of knowledge I am missing and that I need to learn, before being able to really get a handle on the security stuff.
Where to start?
It took me a while (and tons of reading) to write down a To-Do list for all the different concepts, languages topics and I wanted to cover.
The first step was to acknowledge, that Cyber Security is a very huge field nowadays. So I don’t have to know everything (well at least not now ;-)).
I already know my field of interest: web app security.
My way into Web App Security
Doing the research I found the website from Portswigger. You may know them as the creators of the famous cybersecurity tool Burp Suite.
They have a web academy that teaches you the in and outs of web application security.
It covers multiple topics and gives you the opportunity to put it into practice in their own labs.
And the best about this is: it is free!
OWASP Top 10
The web academy course from Portswigger covers most of the OWASP Top 10 Vulnerabilities, which are standard in the web app security field.
OWASP is a foundation that helps to improve the security of software.
Working through this list is a very good starting point. And, it will keep me busy for a while.
There is always a but…
Starting with all the material and courses, I figured very soon that my missing knowledge of computer science is getting in my way.
The part that gave me the most headaches was network stuff. Without a basic understanding of how networks work, a lot of other concepts don’t make sense.
Network first – the fun stuff later
Looking into learning about networks, I stumbled upon the CompTIA Certificate Network+.
If I invest all this time into learning about networks, I can get a certificate out of it, cool!
I am going to write an extra post about the Network+ and what it includes. I wrote an article about it and you can find it here.
Follow me on my journey
One of my motivations for this website is to get more people (and more women) interested in making websites more secure and find an interest in this field.
And seeing how overwhelmed I was at first, I hope to help others to have an easier start.
If you are on the same page, hit me up on Twitter. I would love to chat!