Getting Started with AppSec
This article has been updated from the original published version.
Below is a list of FREE resources that I used to learn about Application Security, or that I have personally created. This is not an exhaustive list, but I do hope that you find it helpful, and that you join our industry!
My first course on Microsoft Learn!!!! Top 5 security items to consider before pushing to production
The OWASP Cheat Sheets Series (all the AppSec Secrets). If you ever can’t find something specific, search for “OWASP Cheatsheet” + what you’re trying to do, there usually is one. This project was started by someone named Jim Manico, and I also recommend following him.
OWASP Zed Attack Proxy, AKA “Zap” — FREE web proxy/web app vulnerability scanner, good for beginners or pros. Learning how to scan your own apps is a FANTASTIC way to learn about security. Just make sure you do it safely, read the instructions. :)
Read my blog article with suggestions on “Getting into Security”.
Thanks for reading!