The question is not really "free or paid." Almost every major cyber security learning platform has a free tier, and almost all of them have something worth paying for at some point. The real question is: what does each tier actually unlock, when does paying make sense, and which platforms give you the most for your money when you do spend it?
This guide answers that directly. It covers the major platforms, what their free tiers genuinely deliver, what paid access adds, and how to think about the decision based on where you are in your learning journey.
Why the Free vs Paid Decision Matters
The stakes of this decision are higher than they might appear. A beginner who jumps into a paid platform that assumes too much prior knowledge, or one that offers unguided content before they have the foundations to benefit from it, often concludes that they are not suited for cyber security when the real issue was just the wrong starting point. The wrong free tier can produce the same result: a few rooms completed, a sense that nothing is clicking, and a quiet conclusion to try something else.
Getting the platform right, at the right tier, at the right moment in your development, is genuinely consequential for whether you get where you are trying to go.
The Platforms: Free and Paid Tiers Compared
TryHackMe
Free tier: Hundreds of individual rooms covering Linux fundamentals, networking, web application basics, OSINT, cryptography, Windows, and introductory CTF challenges. One hour of daily AttackBox time (browser-based Kali Linux, no local setup required). Free OpenVPN access for connecting your own machine. Introductory rooms in all major learning paths accessible without payment. A public profile that tracks and displays your progress, visible to employers.
What Premium unlocks: Full access to all structured learning paths including SOC Level 1, Jr Penetration Tester, Cyber Security 101, and Red Teaming. Unlimited AttackBox time. Certificates of path completion. The SAL1 and SAL2 certification exams, which are the most practically-validated SOC analyst credentials available at any tier on any platform.
Price: Around $10 per month on an annual plan, $14 month to month. Student discount available.
Verdict: The strongest free starting point of any platform for beginners. The free tier is genuinely substantial rather than a trial. Premium is the best value paid tier in the market for structured, role-aligned learning because everything is unified under one subscription with no additional credits or separate products to purchase.
HackTheBox
Free tier: Access to the Starting Point track (a guided series of machines designed for beginners), a rotating set of active machines, and 30 free Cubes in HTB Academy covering several Tier 0 introductory modules. Free community forums and Discord.
What paid unlocks: VIP access ($14/month) unlocks retired machines with official walkthroughs, which are the most valuable learning resource on the platform. HTB Academy requires separate purchase of Cubes or a subscription plan beyond the free introductory modules. Pro Labs, which simulate full corporate network environments, require additional subscription on top of VIP.
Price: VIP around $14/month. Full experience across Labs, Academy, and Pro Labs can cost considerably more depending on what you use.
Verdict: HackTheBox is excellent for intermediate to advanced learners who want unguided, realistic machines that validate existing skills. The free tier is limited compared to TryHackMe. The paid experience is fragmented across multiple products with separate costs, which makes the total price harder to predict and the value harder to assess for beginners. Best used after foundational skills are in place, not as a starting point.
PortSwigger Web Security Academy
Free tier: Everything. PortSwigger Web Security Academy is entirely free with no paywall, no account required for most content, and no time limits. It covers every major web application vulnerability class from apprentice through expert level, with explanatory content and interactive labs throughout.
What paid unlocks: Nothing. There is no paid tier.
Price: Free.
Verdict: The best free resource in cyber security for web application security specifically. The depth and quality of content are exceptional, and the lack of any paywall is unusual among quality learning platforms. The scope is narrow: web application security only. For anyone targeting web application penetration testing, bug bounty work, or web security roles, it is the primary resource. For everyone else, it is a valuable supplement rather than a starting point.
Cybrary
Free tier: A library of video-based courses covering security fundamentals, compliance frameworks, and tool introductions. Free account required.
What paid unlocks: Insider Pro ($59/month or around $399/year) adds hands-on virtual labs, assessment tools, practice tests, and career path alignment features.
Price: Free tier genuinely useful for video content. Paid tier expensive relative to alternatives.
Verdict: Useful for video-based learning, particularly for compliance and foundational content. The free tier is video-heavy with limited hands-on practice. The paid tier is priced at a premium compared to TryHackMe for comparable or less hands-on content. Better suited to corporate training contexts than individual learners.
Platform Comparison Table
| Platform | Free tier quality | What paid unlocks | Paid price | Best for | Value verdict |
|---|---|---|---|---|---|
| TryHackMe | Excellent. Hundreds of free rooms, 1hr AttackBox, free OpenVPN, public profile | Full learning paths, unlimited AttackBox, completion certificates, SAL1 and SAL2 certifications | ~$10/mo annual, ~$14/mo monthly | Beginners through intermediate; structured, role-aligned learning across offensive and defensive | Best overall value. Strongest free tier and most unified paid experience in the market |
| HackTheBox | Limited. Starting Point track and a few Academy modules free | Retired machines with walkthroughs (VIP); Academy content requires separate purchase | ~$14/mo VIP; Academy and Pro Labs extra | Intermediate to advanced; unguided realistic machines; OSCP preparation | Good value for intermediate learners. Fragmented pricing makes full experience costly |
| PortSwigger Web Academy | Outstanding. Entirely free, no limits, no account needed for most content | Nothing. No paid tier exists | Free | Web application security specifically; bug bounty hunters; web pentesters | Exceptional value for web security. Too narrow to be a standalone starting point |
| Cybrary | Good. Video course library, foundational content | Virtual labs, assessments, practice tests, career path tools | ~$59/mo or ~$399/year | Video-based learners; compliance and GRC content; corporate training | Expensive relative to alternatives for individual learners. Better suited to enterprise teams |
Pricing accurate as of April 2026. Verify current rates on each platform's website before purchasing.
When Free Is Enough
Free content is genuinely sufficient in several situations.
If you are in the first four to six weeks of learning and have not yet decided whether cyber security is the right direction, the free tiers across TryHackMe, PortSwigger, and community GitHub repositories give you enough to make that decision without spending anything. Committing money to a platform before you know whether its teaching style suits you is an unnecessary risk.
If your specific goal is web application security, PortSwigger Web Security Academy gives you everything you need for free, from beginner through expert level, with no practical reason to pay for anything else in that domain.
If your current priority is building Linux, networking, and OS fundamentals before moving to offensive security content, TryHackMe's free rooms cover this comprehensively. The free introductory rooms in the Pre Security and Cyber Security 101 paths are weeks of genuine learning with no cost.
When Paying Is Worth It
Paid access earns its value when you are ready to follow a complete structured path and free-tier access is the only thing stopping you.
The clearest case for TryHackMe Premium is when you have exhausted the free introductory rooms and want to work through a complete role-aligned path, such as SOC Level 1 or Jr Penetration Tester, without stopping at every paywalled room. At $10 per month annually, it is the most affordable structured cyber security curriculum available from any platform. Compared to a bootcamp at thousands of dollars or a university course at tens of thousands, the value is clear.
The case for HackTheBox VIP is specifically when you are at intermediate level, have solid foundational skills, and want to work through retired machines with walkthroughs as OSCP preparation or to build an offensive security portfolio. It is not a beginner purchase.
The Smartest Approach for Most Learners
Start with TryHackMe's free tier. Work through the introductory rooms in the path most relevant to your target role. If the platform's teaching style works for you and you find yourself consistently learning and wanting to go deeper, upgrade to Premium. At that point, you know you will use what you are paying for.
Add PortSwigger Web Security Academy as a free supplement whenever you are working on web application security topics, regardless of which platform you are primarily using.
Consider HackTheBox VIP after twelve to eighteen months of structured learning, when you want unguided realistic machines to validate your skills and prepare for practical certifications.
That sequence, starting free and paying selectively at the right time, gives you the best of every platform without paying for things you are not ready to use.
Nick O'Grady