Information Security Training

Information security is a specialized skill-set that requires years of education and experience to master. Unfortunately, many security gurus agree that it's next to impossible to teach many of the skills necessary to become an expert. While we agree with this we'll, in any case, try to lead those willing to put in the time to expand their knowledge of information security.

Below, is a list of resources, broken down by subject, to help those with an interest in information security expand their horizons.

Auditing

• The Art of Software Security Assessment - Book
• Web Security Testing Cookbook - Book

Basic Security Topics

• Fedora Security Features Matrix
• Center for Internet Security Benchmarks
• Security Technical Implementation Guide (RHEL 6) (contains mainly useful tips for securing Fedora systems)

Cryptography

Encryption

• PKI Crash Course
• U.S. NSA Suite B Cryptography Guidance
• Bulletproof SSL and TLS
• Mozilla Security/Server Side TLS guide
• Mozilla SSL Configuration Generator

Hashing

Network Security

• Hacking Exposed: Network Security Secrets & Solutions - Book

Product-specific Documentation

Fedora

• Fedora Security Guide
• Security Features Matrix

Red Hat

• RHEL 7 Security Guide

Secure Programming

• Fedora Secure Coding Guidelines
• Security-related presentations by Ulrich Drepper
• 2011 CWE/SANS Top 25 Most Dangerous Software Errors
• Avoiding the Top 10 Software Security Design Flaws
• Software Assurance Maturity Model
• Security Testing Guide
• Buffer Overflow Attacks: Detect, Exploit, Prevent - Book
• OWASP free and open software security community
• OWASP Security DevGuide - Book