PortSwigger Launches Web Security Academy

PortSwigger has launched a free interactive training platform in an attempt to address the global shortage of cybersecurity talent. 

The makers of Burp Suite cut the ribbon on the new Web Security Academy last month following a soft launch of the platform in April 2019, which a PortSwigger spokesperson said had garnered "overwhelmingly positive user feedback."

The Web Security Academy features a vast amount of high-quality reading materials and interactive labs of varying levels of difficulty. Inside the free resource, users are able to access a safe testing environment in which to experiment without incurring any kind of legal risk.

Content will be continuously updated, with new topics and material added regularly to reflect the ever-changing nature of the cyber-threat landscape. Learning materials currently available on the site include labs on clickjacking, WebSocket, HTTP request smuggling, server-side request forgery, and XXE injection.

Users of the new platform can track their progress and indulge in a little healthy competition via live leader boards. Learning is offered at a pace set by the user and without the pressure of deadlines, although the first user to finish each freshly released lab will get their name in the Hall of Fame and win some Burp Suite swag. 

After six months of being tested out and tweaked in beta, the Web Security Academy was officially launched on October 29. 

The academy is led by PortSwigger founder and CEO and author of The Web Application Hacker's Handbook, Dafydd Stuttard, along with PortSwigger's world-renowned research team.

"There has been huge demand for a third edition of The Web Application Hacker's Handbook. After much thought, I concluded that writing another paper book wasn't the right option today. Much better to produce an online edition that is interactive, actively maintained, and accessible to everyone. The Web Security Academy is exactly that," said Stuttard.

The launch of the new free training website follows news reported last week that global IT security skills shortages have now surpassed four million. 

Research conducted by recruitment firm Outsource found that since 2014, the number of organizations reporting a problematic security skills shortage has more than doubled, from 23% to 51%.

What’s Hot on Infosecurity Magazine?