Resources | BMCC Cybersecurity

Recommended Books

Essential reading from industry leaders

The Web Application Hacker's Handbook

By Stuttard & Pinto. Comprehensive guide to web security testing, vulnerability identification, and penetration testing techniques.

Cybersecurity Fundamentals

By Adam Gordon. Covers CIA triad, risk assessment, threat modelling, and enterprise security strategy fundamentals.

Designing Security Architecture Solutions

By Stefania Dane. Deep dive into building secure systems, zero-trust architecture, and defence-in-depth principles.

AI Security & Governance

By Robert Griffin. Essential for understanding adversarial ML, model robustness, and safe AI deployment frameworks.

Incident Response & Computer Forensics

By Jason Londo. Complete guide to incident investigation, evidence preservation, and digital forensics procedures.

NIST Cybersecurity Framework Guide

Official reference for implementing NIST CSF, compliance frameworks, and organizational security maturity.

Essential Tools

Industry-standard security tools used by professionals

Wireshark

Network protocol analyzer for packet capture, traffic inspection, and network troubleshooting.

Burp Suite

Web application security testing platform with automated scanning and manual pentesting tools.

Kali Linux

Penetration testing distribution with 600+ security tools pre-installed for ethical hacking.

Metasploit Framework

Vulnerability assessment and exploitation framework for security testing and code development.

Nessus

Network vulnerability scanner detecting configuration issues, malware, and missing patches.

OWASP ZAP

Open-source web security scanner finding vulnerabilities in web applications automatically.

Certification Paths

Industry-recognized credentials to advance your career

CompTIA Security+Entry-level cert covering network security, compliance, threats & vulnerabilities. Foundation for most security roles.
Certified Ethical Hacker (CEH)Validates pentesting & hacking skills. EC-Council certification widely recognized in offensive security.
CISSPCertified Information Systems Security Professional. Advanced credential for experienced security architects & managers.
CCNA SecurityCisco network security specialization. Focus on firewalls, VPNs, intrusion prevention, & network defence.
Google Cloud Security EngineerCloud-specific certification covering GCP security, compliance, data protection, & incident response.
AWS Certified Security SpecialtyValidates expertise in AWS security architectures, encryption, compliance, & threat detection.

Community & Connections

Join the global cybersecurity community

Forums & Discussion Boards

OWASP, SecurityFocus, and InfoSec communities where professionals discuss threats, tools, & career advice daily.

Discord Communities

Real-time chat communities including HackTheBox, TryHackMe, and industry-specific security Discord servers.

LinkedIn & Professional Networks

Connect with security leaders, follow industry news, & discover job opportunities in your speciality.

Conferences & Events

DEF CON, Black Hat, RSA Conference, and regional events for networking & staying current with trends.

Downloadable Study Guides

Printable resources for structured learning

Security+ Exam Study Guide

Domain breakdown, exam objectives, practice questions & time management tips for successful certification.

Download PDF

NIST Framework Reference

Function mapping, core categories, implementation tiers, and organizational alignment checklist.