Learning resources for digital TIPS
This list of online courses and resources is maintained by Dr Dmitry Dereshev (The University of Manchester), and Professor Vladimiro Sassone (University of Southampton). You can learn more about the people behind SPRITE+ here.
If you have stumbled upon an unfamiliar digital TIPS term, check our glossary here.
If you know of a free on-demand resource along the same lines as the ones listed below, feel free to send your suggestions to firstname.lastname@example.org. Please ensure that the resource is free, aligned with digital TIPS, and contains educational content that's appropriate for newcomers.
Last updated: 2020-08-17.
If you only have a few minutes, here's an intro course for you.
Lectures cover threat models, attacks that compromise security, and techniques for achieving security, based on recent research papers. Topics include operating system (OS) security, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications.
A number of practical games are delivered through cards. Here is our list of card-based digital TIPS exercises.
Riskio is designed for players from IT technology and non-technical backgrounds. Riskio will teach players to identify security vulnerabilities and appropriate defences.
Crypto Go teaches you the basics of cryptography, security, and the CIA pillars: Confidenciality, Integrity and Authentication. Recommended for ages 14+, with 4-6 players.
CTD is a card game which also has a video game form (Windows and Mac). It is designed to teach cybersecurity principles and a wide range of security issues.
A tabletop/role-playing game about security in industrial control systems. D-D players are challenged with managing the security of a small utility company.
Games you can play right in your browser that cover some aspects of digital TIPS.
In this Lab, you’ll defend a company that is the target of increasingly sophisticated cyber attacks.
You take a role as an "Cyber Ninja" defending BigRed Uni form various threats. A bit like Papers, Please, but with security skills in mind.
CTFs are a popular way to test your hacking skills. You are given a prompt, and your job is to recover a "flag" - usually a string of letters and numbers hidden within your target, be it a vulnerable computer, a website, or an encrypted piece of text. Below is a selection of CTFs available at any time.
Check CTF Time for which time-sensitive competitions are happening now.
Learn to win at Capture The Flag (CTF). These competitions distill major disciplines of professional computer security work into short, objectively measurable exercises. The focus areas that CTF competitions tend to measure are vulnerability discovery, exploit creation, toolkit creation, and operational tradecraft.
Challenge your hacking skills.
Penetration testing labs.
An Interactive Cyber Security Platform.
Challenges here range from cryptography to forensics to web.
picoCTF is a free computer security game targeted at middle and high school students, created by security experts at Carnegie Mellon University.
The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.
Google runs a CTF competition in two rounds: an online qualification round and an onsite final round.
Practice your Cross-site scripting (XSS) attacks and defences.
This course is a good starting point for Information Security Professionals who want to learn penetration testing and ethical hacking.