I love my job, I really do!
Being a web designer gives me the opportunity to play around with my creativity, but also to apply my “logic brain” when it comes to the structure of a website or coding.
But for a while now, one of my passions is Cyber Security.
I always found Hackers fascinating, the idea of transforming something to do something different (that it probably isn’t supposed to do) is appealing.
To a certain extent, we web designers do that too. In programming or for example in WordPress themes, there are limitations.
So we’re trying to find a solution, a workaround for the theme, or a solution the programmers didn’t think of.
That’s what I find most interesting. I love to play around with themes and make them do things they are not intended to do.
Why learning something new?
Cyber Security is gaining momentum, there is more and more talk about the safety of websites and web applications.
But, at least where I live, most people don’t really think about security at all, when it comes to their websites. And I think, that is going to change in the future.
Building more secure and safe websites is going to be the standard, I am sure. And this is what I want to be able to do.
I want to really understand what is possible and what vulnerabilities we as web designers are dealing with in our development process.
And to really be able to build secure websites, I need to see things from the other perspective, the hacker’s side.
Getting started was hard work
Getting started with Cyber Security was not easy for me.
I felt overwhelmed with all the information that is out there, didn’t know where to start and what topics to look into.
I have no background in computer science and rarely looked outside my website bubble into all the internet or computer stuff. All I knew about networks was what half-knowledge I needed to get my websites running.
Frustrating as it is, I knew, there is a lot of knowledge I am missing and that I need to learn, before being able to really get a handle on the security stuff.
Where to start?
It took me a while (and tons of reading) to write down a To-Do list for all the different concepts, languages topics and I wanted to cover.
The first step was to acknowledge, that Cyber Security is a very huge field nowadays. So I don’t have to know everything (well at least not now ;-)).
I already know my field of interest: web app security.
My way into Web App Security
Doing research I found the website from Portswigger. You may know them as the creators of the famous cybersecurity tool Burp Suite.
They have a web academy that teaches you the in and outs of web application security.
It covers multiple topics and gives you the opportunity to put them into practice in their own labs.
And the best about this is: it is free!
OWASP Top 10
The web academy course from Portswigger covers most of the OWASP Top 10 Vulnerabilities, which are a standard in the web app security field.
OWASP is a foundation that helps to improve the security of software.
Working through this list is a very good starting point. And, it will keep me busy for a while.
TryHackMe is a fun way to learn Cyber Security.
It is important to get your feet wet and start practicing what you learn in theory. Many things don’t make much sense until you try them yourself, others seem to be easy peasy until you are faced with it in “real”.
Additionally, it is very important for your motivation to see your progress.
As many rooms are free, you can test is without risk. I really love it!
There is always a but…
Starting with all the material and courses, I figured very soon that my missing knowledge of computer science is getting in my way.
The part that gave me the most headaches was network stuff. Without a basic understanding of how networks work, a lot of other concepts don’t make sense.
Network first – the fun stuff later
Looking into learning about networks, I stumbled upon the CompTIA Certificate Network+.
If I invest all this time into learning about networks, I can get a certificate out of it, cool!
I am going to write an extra post about the Network+ and what it includes.
Follow me on my journey
One of my motivations for this website is to get more people (and more women) interested in making websites more secure and find an interest in this field.
And seeing how overwhelmed I was at first, I hope to help others to have an easier start.
If you are on the same page, hit me up on Twitter. I would love to chat!