Considering an undergraduate course is about 3-4 months in duration, there's only so much it can cover in any depth. Even the most rigorous are still pretty shallow compared to what someone with years of work in the field would know.
What they don't tell you. Everyone in the company will hate you, no one will fix the bugs you find, HR will want to sack you for fun, and the execs are all psycho's. Find a better career, like watching paint dry, or become a monk. Its fun, but not worth it. People are twats.
Sucks being a cost center. I've come to realize that a lot of what makes security fun for me still boils down to engineering problems that isn't only found in security teams.
Seeing this makes me miss the salad days of MOOCs. I learned programming in the 2010s through MIT’s EDX Introduction to Programming course, and then a course on Coursera by Martin Odersky on Functional Programming through EPFL, and I feel like that ladder has been kicked away due to MOOC monetization policies. I wonder if we could return to these days.
I took the EPFL course as well, although did not finish it. As someone who only had experience working with imperative programming and OOP stuff, it blew my mind -- I never knew you could write code like this. The course was great but a bit too fast for me at the time (part of the reason I did not complete it).
On the first era, here's a Java lecture from Stanford, if it's too basic for you, it still has historical value, iirc it's something like Java 6. And it also reinforces the basics.
It's a bit harder to follow along with online materials since you have to use the Internet Archive, and download older compilers or use options to target older versions, but it's all the more fun for it.
I like that the MIT CSAIL CSS website (https://css.csail.mit.edu/) has a link to a Russian online gambling site due to what I’m assuming is a typo (click on the Foundations of Cryptography class)
* memory safety and exploitation (the "buffer overflow" section is about 20 years out of date, though super appropriate for a first course)
* the WebPKI/certificates thing
* messaging security and messaging cryptosystems,
* microarchitectural security and hardware side channels.
Multiple full courses on each of these subjects would bring you up to "practitioner" levels of expertise.
1- When this internet thing came out
2- When this covid thing came out
On the first era, here's a Java lecture from Stanford, if it's too basic for you, it still has historical value, iirc it's something like Java 6. And it also reinforces the basics.
https://www.youtube.com/watch?v=KkMDCCdjyW8&list=PLA70DBE71B...
It's a bit harder to follow along with online materials since you have to use the Internet Archive, and download older compilers or use options to target older versions, but it's all the more fun for it.