Cybrary Free Access
Advance Your Career with Free Access to Cybrary
Sign up for Cybrary’s free plan and explore over 2,000 expert-designed courses. From threat-informed training to certification preparation and beyond, Cybrary fully equips cybersecurity professionals to succeed at every stage of their career.
What Does Cybrary's Free Account Include?
Free users get full access to over 50 courses, including certification prep, select virtual labs, and 2 foundational career paths. We also now regularly offer hands-on threat-informed labs that are completely free from start to finish.
Trusted by Over 3 Million Cybersecurity Practitioners & Teams
Glad to have discovered Cybrary they are such a great tool to use to help diversify your knowledge through lessons, assessments and practices. All compact[ed] into highly detailed and informative chunks of information. Feeling very content with the results.
Cisco Certified Network Associate
We’ve had six students this summer, all with different schedules, so we’ve been trying to balance their learning experience with some practical work. It’s not like they’re all sitting in a classroom at the same time, so the ability for them to learn at their own pace without any additional support has probably been the biggest benefit of using Cybrary.
Business Development Manager
Cybrary Challenges
Take on new challenges every month to practice cutting-edge cybersecurity skills. Learn how attackers can take advantage of vulnerabilities and remain undetected during threats. Sign up for a free account to enroll in any Cybrary Challenge.
Threat Actor Campaigns
Adversaries are constantly adapting and evolving their tactics to compromise your environment. Stay a step ahead with Cybrary’s Threat Actor Campaigns -- interactive courses that provide a complete overview of real-world kill chains. Create a free account today to access one of the latest Threat Actor Campaigns from start to finish!
CVEs (Common Vulnerabilities and Exposures)
Thousands of CVEs are discovered and disclosed every month that could severely impact your organization. Our CVE Series lets you experience critical vulnerabilities through interactive courses and secure virtual environments to develop the skills necessary to mitigate risk. With a free account, you can access one of the lates CVE courses. Free CVEs rotate regularly, so don’t miss out and enroll today!
Empower Your Team, Protect Your Organization
Empower your team to detect and mitigate cybersecurity threats with Cybrary. Request a demo today for access to hands-on practice labs, assessments, custom content, and more.
Popular Courses
Create a free Cybrary account and get access to the first two introductory lessons in ANY one of 1,900+ courses in our catalog.
Cybrary Challenge: Motor Mayhem
In this challenge, you will take on a CAN Bus challenge by analyzing a CAN Bus dump file. The Controller Area Network (CAN bus) is a message-based protocol found in the automobiles that we use today. Every action of the car is recorded into this dump file. This allows us to read vehicle operations such as turn signals and other vehicle operations.
CVE Series: WinRar Vulnerability (CVE-2023-38831)
WinRAR, a popular 1990s file archiver still used by 500 millions users worldwide, suffers from a high severity Remote Code Execution (RCE) vulnerability. In this course you’ll be putting on your Red Team hat to create your own malicious file and gain control of the victim’s computer by leveraging this CVE!
CVE Series: Openfire (CVE-2023-32315)
If you're a cybersecurity practitioner who wants to know more about how to exploit and defend against CVE-2023-32315 (Openfire Path Traversal to RCE), you won't want to miss this course. You will identify the vulnerability, exploit it, and mitigate it in a hands-on, secure lab environment. Don't let Openfire catch you off guard.
SolarWinds - New
Want to better understand the 2020 SolarWinds compromise that dominated the headlines? Interact with the malware used in the attack in this SolarWinds hands-on course and virtual lab so you can detect whether your organization was affected and protect against this type of threat in the future.
SC-300 Microsoft Identity and Access Administrator
Learn to design, implement, and operate your organization’s identity and access management (IAM) systems by using Microsoft Azure Active Directory, part of Microsoft Entra. As an IAM admin, you'll collaborate with many other roles to drive strategic identity projects, modernize identity solutions, and implement identity governance.
SC-200 Microsoft Security Operations Analyst
Learn to reduce risk by rapidly remediating active attacks in your environment, advising on improvements to threat protection practices, and referring policy violations to appropriate stakeholders. You will get the most out of this course if you are familiar with Microsoft 365, Azure cloud services, and Windows and Linux operating systems.
Challenge: Memory Mysteries
In this challenge, you will take on a memory forensics challenge by analyzing a dump file. Memory forensics is an important piece of evidence when conducting a forensics investigation. Unique insights such as network connections and injected processes can be found through memory analysis.
Check Point Jump Start: Quantum Spark Network Security
The Check Point Quantum Spark 1500 Pro security gateway family delivers enterprise-grade security in a series of simple and affordable, all-in-one security solutions to protect small business employees, networks, and data from cyber-theft. This course is suitable for new learners with no prior experience with Check Point Network Security products.
Careers In Cybersecurity
Getting started in cybersecurity can be tough, and the number of careers seems endless. This course will get you hands-on with six of the most common cybersecurity roles, including penetration tester, digital forensics, cloud security, governance, security analyst, and security engineer. Decide which career is right for you today!
Penetration Testing and Ethical Hacking
To assess the strength of your organization’s cybersecurity posture, you need to gather information, perform scanning and enumeration, and show how an adversary could hack into your systems. This ethical hacking course will give you those skills and prepare you for related certification exams so you can prove your capabilities.
CIS Critical Security Control 5: Account Management
Welcome to our course series on CIS Top 18 Critical Security Controls v8. In this course covering control 5: Account Management, you'll learn best practices for establishing group policies for complex and unique passwords for users. Plus, gain hands-on experience with disabling dormant accounts and centralizing account management.
CIS Critical Security Control 7: Continuous Vulnerability Management
Welcome to our course series on CIS Top 18 Critical Security Controls v8. In this course covering control 7: Continuous Vulnerability Management, you'll demonstrate how to configure a repository for Linux servers and configure a Windows System Update Service for a domain controller. Get hands-on with automated OS and application patch management!
CIS Critical Security Control 6: Access Control Management
Welcome to our course series on CIS Top 18 Critical Security Controls v8. In this course covering control 6: Access Control Management, you'll demonstrate how to enable Multifactor Authentication (MFA) on a Linux server and define role-based access controls.
CIS Critical Security Control 3: Data Protection
Welcome to our course series on CIS Top 18 Critical Security Controls v8. In this course covering control 3: Data Protection, you'll practice configuring data access control lists. Plus, learn how to deploy a data loss prevention solution and encrypt data on both end-user devices and removable media.
CompTIA Security+ (SY0-601)
Ready to start your cybersecurity journey? The CompTIA Security+ SYO-601 credential is one of the most essential certifications in the world of information security today. Learn about essential introductory security and risk management concepts from world-famous cybersecurity instructor, Kelly Handerhan.
AZ-104 Microsoft Azure Administrator
Looking to enhance your experience with Azure administrative cloud technologies and solutions? This Microsoft Azure AZ-104 Certification training course will help you pass the exam and confidently administer basic Azure solutions such as web servers, networking solutions, storage solutions and cloud environment monitoring.
OWASP Top 10 - A08:2021 - Software and Data Integrity Failures
The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A08: Software and Data Integrity Failures, you'll take advice from a trusted offensive security professional on how to implement best practices for data and software integrity verification and risk mitigation.
OWASP Top 10 - A04:2021 - Insecure Design
The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A04: Insecure Design, you'll take advice from a trusted offensive security professional on how to use threat modeling and other techniques to protect your organization against critical design flaws that adversaries could exploit.
MITRE ATT&CK Defender™ ATT&CK® Adversary Emulation
Do you want to learn the exciting discipline of Adversary Emulation? In this MITRE ATT&CK® Defender™ (MAD) Adversary Emulation course, you’ll learn how to emulate real-world adversary threats to improve cybersecurity. Leveraging the MITRE ATT&CK Framework, you will research, plan, and execute adversary emulation activities in hands-on labs.
OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures
The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A09: Security Logging and Monitoring Failures, you'll take advice from a trusted offensive security professional on how to implement best practices for developing security logging and monitoring solutions at your organization.
CVE Series: Polkit (CVE-2021-4034)
The Polkit vulnerability (CVE-2021-4034) is a critical vulnerability impacting every major Linux distribution. Its attack vector allows privilege escalation and can even give the attacker root access. Exploit and mitigate this vulnerability in this hands-on course that gives you the skills you need to protect your organization.
AWS Certified Solutions Architect Associate (SAA-C03)
Ready to design and implement distributed systems on AWS? This AWS Solutions Architect Associate training course will prepare you to pass the associate-level certification exam. Gain hands-on experience with configuring AWS secure architecture, creating a custom VPC, and more.
CVE Series: Log4J (CVE-2021-44228)
The Log4J vulnerability (CVE-2021-44228) took the world by storm in late 2021. Do you have what it takes to exploit and mitigate this critical vulnerability that experts say had the biggest global impact since Shellshock? Find out in this course, where you'll put your defensive and pen testing skills to the ultimate test in a virtual lab.
OWASP Top 10 - A10:2021 - Server-Side Request Forgery (SSRF)
The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A10: Server-Side Request Forgery (SSRF), you'll learn to identify, exploit, and offer remediation advice for this vulnerability in a secure lab environment. Build your offensive security and penetration testing skills with this one-of-a-kind course!
Introduction to Java
In this Java programming course, you will start with the fundamental and key concepts that have made it become so powerful and widely used around the world for personal and industry projects. Some concepts covered in this course are the following: Inheritance, Encapsulation, Polymorphism, and Abstraction.
Secure Coding Fundamentals
In Secure Coding Fundamentals, Ayokunle Olaniyi takes you through the best coding practices, which ensures that the application developed as a result stick to the CIA triad and are not riddled by the OWASP top 10. Various aspects of code security and risk assesments across the OWASP top 10 are discussed along with the preventive measures.
Wireless Network Fundamentals for Security Practitioners
In this course, the instructor covers the basics about wireless protocols which includes LTE, Bluetooth, Z-Qave, and zigbee. The instructor also goes more in-depth with Aircrack-NG by discussing the tools used to test the wifi networks, explaining how to install the tools on various OS, and demonstrating an Aircrack-NG lab.
Fundamental Cryptography: Data Protection
Data protection prevents your information from fraudulent activities like identity theft, phishing, and hacking. In our Fundamental Cryptography: Data Protection course, you will learn how to utilize cryptography, cryptology, encryption, PKI, and permissions to ensure data is properly secured both in transit and at rest.
Networking Fundamentals for Security Practitioners
Advance your networking knowledge with this Networking Security Fundamentals for Security Practitioners course. Learn networking fundamentals through the lens of a security practitioner. Examine network protocols, architecture, devices, and topology, which are vital for any entry-level IT professional.
Mobile Security Fundamentals
In Mobile Security Fundamentals, Ken Underhill discusses IOS security architecture and goes into depth about code signing, sandbox, and exploit mitigations. In addition to recognizing & scanning vulnerabilities, secure boot chain is explained through tools such as Wondershare & Kingo.
Malware Fundamentals
In Malware Fundamentals, Dustin Parry explores how malicious software is designed to damage and disable computers. Malware such as anti-malware, backdoors, spyware, adware, ransomware are all covered, specifically in terms of how to recognize, prevent, and solve these software attacks.
Fundamentals of Risk Policies and Security Controls
In this course, you'll learn various controls that need to be put in place to ensure the CIA triad of security is maintained while running a business. With threats expanding with time and more advanced attacks and data breaches being discovered, it is important for organizations to have proper security controls in place to ensure data safety.
CompTIA Network+ (N10-008)
Eager to learn basic networking concepts and pass the CompTIA Network+ (N10-008) exam? Cybrary’s Network+ training course provides you with the knowledge to prepare for the exam and perform entry-level networking tasks such as troubleshooting, routing, and intrusion detection.
Scanning & Enumeration
As a penetration tester or red teamer, you will use scanning and enumeration to interact with target systems and learn more about them just like a hacker would. In this Scanning and Enumeration course, you will learn to use key tools to discover and document target information that is vital for your engagements.
OWASP Top 10 - A05:2021 - Security Misconfiguration
The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A05: Security Misconfiguration, you'll identify, exploit, and offer remediation advice for this vulnerability. We also cover XML External Entities. Build your offensive security and penetration testing skills with this one-of-a-kind course!
OWASP Top 10 - A02:2021 - Cryptographic Failures
The OWASP Top 10 features the most critical web application security vulnerabilities. This part covers A02: Cryptographic Failures. You'll learn to identify, exploit, and offer remediation advice for this vulnerability in a secure lab environment. Build your offensive security and penetration testing skills with this one-of-a-kind course!
OWASP Top 10 - A07:2021 - Identification and Authentication Failures
The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A07: Identification & Authentication Failures, you'll identify, exploit, and offer remediation advice for this vulnerability in a secure lab environment. Build your offensive security and penetration testing skills with this one-of-a-kind course!
OWASP Top 10 - A06:2021 - Vulnerable and Outdated Components
The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A06: Vulnerable and Outdated Components, you'll learn to identify, exploit, and offer remediation advice for this vulnerability in a secure lab environment. Build your offensive security and penetration testing skills with this one-of-a-kind course!
OWASP Top 10 - A03:2021 - Injection
The OWASP Top 10 features the most critical web application security vulnerabilities. This part covers A03: Injection. You will learn how to identify, exploit, and offer remediation advice for this vulnerability in a secure lab environment. Build your offensive security and penetration testing skills with this one-of-a-kind course!
OWASP Top 10 - A01:2021 - Broken Access Control
The OWASP Top 10 features the most critical web application security vulnerabilities. This part covers A01: Broken Access Control. You will learn how to identify, exploit, and offer remediation advice for this vulnerability in a secure lab environment. Build your offensive security and penetration testing skills with this one-of-a-kind course!
IoT Security
This IoT Security course is designed to help IT professionals strengthen their knowledge about the Internet of Things (IoT) and the security platforms related to it. You’ll also be able to identify the security, privacy and safety concerns related to the implementation of an IoT infrastructure.
AWS Certified Cloud Practitioner
Learn the foundational principles of Amazon Web Services (AWS), the world’s most comprehensive and broadly adopted cloud platform. This AWS Cloud Practitioner training not only gives you a solid understanding of how to implement AWS cloud solutions but also prepares you to pass the current related certification exam.
OWASP Top 10 - A04:2017 - XML External Entities
The OWASP Top 10 features the most critical web application security vulnerabilities. This part covers A4: XML External Entities. You will learn how to identify, exploit, and offer remediation advice for this vulnerability in a secure lab environment. Build your offensive security and penetration testing skills with this one-of-a-kind course!
Linux Hardening
Are you a Linux systems administrator seeking to learn the best practices for securing your network? In this Linux Hardening course, Corey Holzer walks you through hardening for the system level, services, and user account management and you apply these concepts in a series of secure virtual labs.
Check Point Jump Start: CloudGuard Workload Protection
This course, brought to you by industry leader Check Point, introduces you to CloudGuard -- which provides unified cloud-native security for all your assets and workloads. You'll gain insight into the security challenges involving workload protection, and will learn how to deploy and configure the solutions under the CloudGuard umbrella.
Check Point Jump Start: Harmony Endpoint Security
This course, brought to you by industry leader Check Point, introduces you to Harmony Endpoint -- the industry’s first unified security solution for users' devices and access. It protects devices and internet connections from the most sophisticated attacks while ensuring zero-trust access to corporate applications.
Check Point Jump Start: SMB Appliance Network Security
This course, brought to you by industry leader Check Point, introduces you to Check Point's Small and Medium Business (SMB) network security appliances. You will learn how to deploy, configure, manage, and monitor network security policy on the SMB appliance platform. This course will prepare you for the SMB Jump Start exam #156-413 at Pearson Vue.
Check Point Jump Start: Product Deployment
In this course brought to you by industry leader Check Point, you will learn the concept of software deployment and the methods and tools used for deployment of Check Point products. And, you will drill down into each deployment tool, providing an overview of how to use it given a common use case.
Check Point Jump Start: CloudGuard Posture Management
In this course brought to you by industry leader Check Point, you will learn about Posture Management, why you need a Posture Management solution, and what makes the Check Point CloudGuard Posture management solution the Global leader in Cloud Protection.
Check Point Jump Start: Cloud Security
In this course brought to you by industry leader Check Point, you will learn about cloud security challenges and how different Check Point CloudGuard products can be used to protect your environment. Check Point CloudGuard is a comprehensive cloud security portfolio, designed to prevent the latest cyberattacks targeting enterprise cloud services.
SolarWinds Hands-On Course
Want to better understand the 2020 SolarWinds compromise that dominated the headlines? Interact with the malware used in the attack in this SolarWinds hands-on course and virtual lab so you can detect whether your organization was affected and protect against this type of threat in the future.
Security Onion
Security Onion is an open-source Network Security Monitoring and log management Linux Distribution. In this Security Onion course, you will explore the history, components, and architecture of the distro to improve your networking skills. Learn how to install and deploy server architectures, as well as how to replay or sniff traffic.
Recon 101
Your pentests will only be successful if they are based on high-quality information gathered at the start of the engagement. If you want to leverage resources like Google Dorking, DNS queries, and other public data sources to set yourself up for a successful pentest, then check out this hands-on Recon 101 course.
Foundations of Virtualization
Virtualization enables multiple operating systems to function simultaneously on a computer system. Take this Foundations of Virtulaization course to learn about a standard business practice in IT Operations. This course presents foundational concepts of virtualization and gives you the experience to administer virtualization in a lab environment.
Azure Policies
Are you familiar with Azure Cloud Services and JSON scripting, but want to learn how to create and assign custom Azure policies? In this course, you will explore how Azure Policy is used for IT governance of resources. If you’re looking to become an IT auditor, compliance manager, or cloud security architect, then this is the course for you.
Advanced Malware Analysis: Redux
Do you have knowledge of malware analysis core concepts, but want to transition from malware analyst to reverse engineer? Brian Rogalski, CEO of Hexcapes, equips you to handle complex tasks such as extracting, debugging, disassembling, unpacking, and hunting malware. Gain the hands-on experience you need to level up.
Developing Effective Certification Preparation Strategies
In this webinar, Angela explains the root causes skills gap and provides a targeted approach to scaling effective certification preparation to teams, how to approach supplemental prep materials, and how to know when teams are ready to pass the exams.
ISO 27001:2013 - Information Security Management Systems
Information security managers seeking ISO 27001 certification for their organization need to know the requirements and practical activities needed to align their systems with that standard. This ISO 27001:2013 - Information Security Management Systems course shows you how to design, implement, and maintain an ISO 27001-compliant system.
CVE Series: Ghostcat (CVE-2020-1938)
If you're a cybersecurity practitioner who wants to know more about how to exploit and defend against Ghostcat (CVE-2020-1938), the you won't want to miss this course. You will identify the vulnerability, exploit it, and even mitigate it in a hands-on, secure lab environment. Don't let Ghostcat catch you off guard.
Information Systems Security Engineering Professional (ISSEP)
Build upon your CISSP certification by getting the specialized credential of the Information Systems Security Engineering Professional (ISSEP) training. By mastering the five ISSEP domains focused on developing secure systems, you can demonstrate that you have deep subject matter expertise in your field.
Always Prepared: The Keys to Building a Skilled Cybersecurity Team
This session focuses on building a skilled cybersecurity team. The benefits of developing your team’s skills are clear, but nearly 80% of IT and Security leaders say they don't yet have a way to ensure team knowledge and skills are up-to-date.
MITRE ATT&CK Defender™ (MAD) ATT&CK® SOC Assessments Certification Training
Do you know how to leverage the MITRE ATT&CK® framework to conduct Security Operations Center (SOC) assessments? Join highly regarded MITRE engineers in this MITRE ATT&CK Defender™ (MAD) ATT&CK SOC Assessments Certification Training course to get the knowledge you need for the certification and evaluate how your current defenses map to ATT&CK.
California Consumer Privacy Act (CCPA)
The passage of the California Consumer Privacy Act (CCPA) in 2018 established new regulations for consumer privacy rights. Take this course so you can help your organization implement changes in compliance with this law. Beyond the legal components, you’ll explore concepts such as cloud vs on-premise data hosting and SaaS solutions.
Career Crash Course: Network Engineering
No experience? Not sure if network engineering is for you? This career crash course on network engineering will give you insight into the career outlook for network engineers, show you what a day in a network engineer’s life looks like, and help you decide if you want to pursue this career path.
IoT Product Security
As with the regular Internet, the Internet of Things (IoT) is increasingly targeted in malicious attacks. If you are a CISO or security director for an organization that produces IoT or IIoT products, you should take this advanced IoT Product Security course so you can build a risk-based IoT product security program in this quickly evolving field.
Enterprise Security Leadership: Creating a World Class Security Operations Center (SOC)
There are 9 tips to help you build a world-class Security Operations Center. In this session of Enterprise Security Leadership, Ed Amoroso covers everything from establishing support to implementing training to utilizing the right tools for the job.
Implementing a HIPAA Compliance Program
Companies that handle protected health information must implement a good Health Insurance Portability and Accountability Act (HIPAA) compliance program. If you are a CISO or in another leadership position, this HIPAA compliance course is the perfect way to learn the process necessary to gain HIPAA compliance for your organization.
Cloud Governance Principles
If you’re a security or IT leader seeking to learn more about the field of governance in cloud operations, then you'll want to take this course on Cloud Governance Principles. Learn about the increasingly critical field of governance in cloud operations and how to effectively plan for implementation, and address issues that arise in cloud adoption.
US Information Privacy
Are you overwhelmed by the intricacies of U.S. information privacy and data security laws? Privacy and data security are critical in today’s digital world. Gain the insight you need to navigate the realm of information privacy in the U.S. public and private sectors by taking this U.S. Information Privacy course.
NIST Privacy Framework
The NIST Privacy Framework is a tool that enables you, as a cybersecurity professional or privacy manager, to identify and manage privacy risk and conduct business in a way that protects individual’s privacy. This NIST Privacy Framework course breaks down the tool’s core components and enables you to apply it and compare it to other frameworks.
HCISPP
As our healthcare industry grows, so do the risks associated with keeping health information secure. The HCISPP certification is ideal for security professionals responsible for safeguarding protected health information (PHI). Take this HCISPP training course to prepare to manage and implement security controls for healthcare information.
Privacy Program Management
An effective Privacy Program protects you from liability as