Blog
Jan 31, 2023
OffSec Yearly Recap 2022
A comprehensive OffSec yearly recap: revisit some of the highlights, wins and important cybersecurity training themes that guided us through 2022.
8 min read
Although it may seem that 2022 passed by quickly, it’s important to take time and reflect on all of the accomplishments from the previous year. Here at OffSec, we raised the bar on continuous cybersecurity training and education and sharpened our focus on delivering a scalable, hands-on learning platform to meet the growing demands of today’s cybersecurity workforce.
All of the triumphs, both large and small, were made possible thanks to all of you – our students, customers, community, partners, and collaborators from around the world.
Here are some highlights, wins, and important themes that have guided us through the year.
Continuous cybersecurity learning library
Since its introduction, the OffSec Training Library has transformed into a growing on-demand learning platform for continuous cybersecurity workforce development. This allowed us to update content on a rolling monthly basis, expand into new areas of cybersecurity and offer our learners a truly integrated learning experience in a single platform.
From introductory to advanced-level training, the OTL grows with our learners and empowers them to tackle the challenges of tomorrow. That focus on continuous learning has steered us throughout 2022.
cybersecurity skills
and launching brand-new courses and learning paths.
Learn Fundamentals
In March we introduced Learn Fundamentals which was created to support professional development for those that want to begin training toward a cybersecurity specialization and gain prerequisite skills for more advanced courses and certifications.
Learn Fundamentals initially launched with new content across three learning paths: penetration testing (PEN-100), security operations (SOC-100), and web application testing (WEB-100). Throughout the year, Learn Fundamentals was updated and expanded to include:
- Exploit Development Prerequisites – EXP-100
- Secure Software Development Fundamentals – SSD-100
- Cloud Security Foundations – CLD-100
We also released assessments and badges for PEN-100, SOC-100, and WEB-100 to provide learners with an opportunity to put their skills to the test and demonstrate their readiness for further learning and certifications.
New certification exams
Speaking of certifications: at the very start of the year, we launched the Offensive Security macOS Researcher (OSMR) certification exam for EXP-312: macOS Control Bypasses. WEB-200: Web Attacks with Kali Linux and SOC-200: Security Operations and Defensive Analysis got the same treatment with the release of the Offensive Security Web Assessor (OSWA) and the Offensive Security Defense Analyst (OSDA) certification exams, respectively.
PEN-200 and the OSCP
We introduced Topic Exercises as a way to provide a better approach to achieving learning objectives compared to the legacy exercises. In August, we sunsetted the legacy course exercises and started a new paradigm for achieving OSCP Bonus Points through the new Topic Exercises. This new process will allow even more focus on hands-on lab work that approaches real-life scenarios.
The growing library
We celebrated the 100th Proving Grounds Practice machine! And this is just one part of the continuously growing OffSec Training Library. Here are some of the numbers on the library content as of the end of 2022:
OffSec Training Library
2022
Getting the most out of the OffSec learning ecosystem
When it comes to platform updates and new functionalities, we started the year off right and enabled downloads for course learning materials to allow our Learn One and Learn Unlimited students to access book PDFs and videos at their convenience, even after their subscription ends.
In a true “you asked, we listened” manner, dark mode was introduced to the OffSec Training Library.
When it comes to other features we added to the OffSec Training Library, seamless upgrades was one of the highlights. Students can now easily upgrade their Learn Fundamentals subscription to Learn One whenever they feel ready for more advanced content. For teams, upgrades are available for both Learn Fundamentals to Learn One and Learn One to Learn Unlimited paths.
To wrap up the year, the Admin Portal UI was updated to feature more insight into team learning progress, better subscription and course management, and much more.
Expanding the reach of cybersecurity training through strategic partnerships
In May, we also launched the Offensive Security Global Partner Program. The program is designed to provide best-in-class cybersecurity training and certifications to students and professionals through strategic partnerships with select education, learning, and channel partners worldwide.
Investing in your future got easier with discount programs and financing options
Part of last year’s focus was to make OffSec’s cybersecurity learning content more accessible and provide students with more payment options and support. We partnered with Climb Credit to offer financing for new, U.S.-based students for as little as 0% APR and up to 36 monthly payments.
Kali Linux
network repositories
As always, there were several major Kali Linux releases with many fixes, security updates, enhancements, and of course, new tools.
Some of the highlights from 2022 releases include:
- Kali everything image – An all-packages-in-one solution now available to download
- Microsoft Azure – We are back on the Microsoft Azure store
- More platforms – Generic Cloud, QEMU VM image & Vagrant libvirt
- Kali NetHunter Pro – Announcing the first release of a “true” Kali Linux on the mobile phone
- Kali Unkaputtbar – BTRFS snapshot support for Kali
- Virtual machines updates – New VirtualBox image format, weekly images, and build scripts to build your own
- Kali-Tweaks meets SSH – Connect to old SSH servers using legacy SSH protocols and ciphers
- Test lab environment – Quickly create a test bed to learn, practice, and benchmark tools and compare their results
- Discord server – Kali’s new community real-time chat option was launched!
- Opening Kali Tools – We have opened up the Kali tools repository & are accepting your submissions!
- Refreshed browser landing page – Firefox and Chromium homepage has had a makeover to help you access everything Kali you need
- Tweaks for the terminal – Enhanced Zsh syntax-highlighting, the inclusion of Python3-pip and Python3-virtualenv by default
- Kali NetHunter updates – WPS attacks, new releases in our NetHunter store, Internal Bluetooth support & other improvements
- Social networks – New homes, keeping in touch & press packs
- April Fools’ Day – Hollywood mode – Awesome screensaver
The Kali team is already hard at work on 2023 releases. The next Kali update will be the 10th-anniversary release featuring Kali Purple, along with a few other surprises! The roadmap for next year includes supporting more platforms and improving the ones we are on, refreshing the community forums, and improving our in-house tools with Kaboxer & Kali-tweaks. Stay tuned!
Giving back to the community
The OffSec Community is the place to be for connecting, chatting, and collaborating with infosec professionals and OffSec experts. During 2022, OffSec Discord membership increased by 176%, with increased engagement thanks to our amazing community moderators.
The community regularly shares educational information and hosts discussions, podcasts, and giveaways.
OffSec Academy
The Academy is facilitated by OffSec instructors to enhance students’ learning experience as they prepare for OffSec exams. In 2022, OffSec Academy sessions focused on PEN-200 and were open to all PWK students, including alumni. We’ve already launched Season 2, which will focus on WEB-200: Web Attacks with Kali Linux and preparing for the OSWA certification exam! Currently enrolled WEB-200 students may now register for the OffSec Academy: WEB-200 training stream sessions on Zoom.
OffSec Live
OffSec Live is a series of free streams that cover a variety of OffSec’s courses and general topics for students and the public, including machine walkthroughs. Expert OffSec instructors provide review sessions and brief demonstrations. These sessions provide additional opportunities for students to develop leadership skills, communication, and networking, all while gaining valuable employment skills. Subscribe to the OffSec Twitch channel to make sure you don’t miss out on future OffSec Live sessions!
Subreddit
OffSec has entered the Reddit space with the launch of the r/offensive-security subreddit! Join the community and share personal experiences, learning strategies, and tips, and have a chance to interact directly with OffSec staff.
Webinars
We continued to host monthly webinars for our students and enterprise customers. Topics ranged from helping organizations set and achieve their desired training outcomes and employee development, and finding internal cybersecurity talent, to cloud security training and preparing for the OSCP.
On-demand recording can be found here.
The OffSec Blog
Our blogs cover a variety of topics, including expert insights, enterprise cybersecurity training, the latest course updates, student experiences, and educational resources. Here are the five most popular posts from 2022:
- 5 Tips to Get a Cybersecurity Job With No Experience
- Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties
- Goals for Your Cybersecurity Career Path: Setting New Year’s Resolutions
- Sunsetting PEN-200 Legacy Course Exercises and a New Way to Achieve Points
- The Importance of Skilled Security Practitioners
What’s coming next
What does 2023 have in store for OffSec? We can’t share the details just yet, but you can expect exciting and comprehensive updates to our content, new features and enhancements, learning paths, community events, and much more. We’ll be sure to share details as soon as we can.
Your feedback is invaluable for our growth so please share with us on social media or in the OffSec community what you’re hoping to see from OffSec in the future!
Latest from OffSec
Enterprise Security
How to Use Assessments for a Skills Gap Analysis
Discover how OffSec’s Learning Paths help organizations perform skills gap analyses, validate expertise, and strengthen cybersecurity teams.
Nov 19, 2024
4 min read
Enterprise Security
The Human Side of Incident Response
Effective incident response requires decision-making, adaptability, collaboration, stress management, and a commitment to continuous learning.
Nov 8, 2024
5 min read
OffSec News
Master Incident Response with Hands-On Training in IR-200: Foundational Incident Response
OffSec is excited to announce the immediate availability of a new course: IR-200: Foundational Incident Response.
Oct 29, 2024
4 min read