CyberDefenders is an independently funded nonprofit project.. Donate
Cybersecurity students working together
Summer 2026 Internship

Turn classroom cybersecurity skills into real project experience.

A 6 week Summer 2026 project-based internship for students ready to build resume-worthy work with mentorship from Growth Sector, Cyberdefenders, and SF Bay Area Employers and Startup Ecosystem partners.

Apply Now Program Overview

Program Focus

Applied cybersecurity projects

Open-source tools, nonprofit security assessments, hardware research, honeypots, threat research, and resume-quality deliverables.

Why Apply

Built for 2nd and 3rd year cybersecurity students who want credible experience beyond coursework.

Real Experience

Work on practical cybersecurity problems with constraints, feedback, and deliverables that resemble real team projects.

Resume-Worthy Work

Leave with project artifacts you can discuss in interviews, portfolios, transfer applications, and internship searches.

Employer Network

Meet mentors and Bay Area partners who can help you understand cybersecurity roles, expectations, and next steps.

Program Overview

Work with mentors on focused cybersecurity projects that can be shared, demonstrated, and improved after the summer.

Duration

6 weeks

Mid-June to mid-August.

Format

Project-based

Hands-on internship work with mentorship and regular feedback.

Partners

Bay Area ecosystem

Growth Sector, Merritt College, UC Berkeley CLTC, and Bay Area organizations.

Compensation

Unpaid

Experience-focused internship designed around practical deliverables.

AI Security Bootcamp Option

Students will have an optional 1 week bootcamp before project work begins.

From First Principles

Learn about the exciting intersection of AI, machine learning, and security, including the practical challenges of securing AI workloads, all from first principles.

The Zero to One Data Science to AI workshop is an example of the AI basics covered in the program. Security topics will follow with additional content on AI security, threat models, and secure AI workload practices.

Explore Zero to One Data Science to AI

Important Dates

Applicants should plan around these milestones for the Summer 2026 internship selection process.

Application Deadline

May 15, 2026

Submit the application form and resume by this date.

Phone Interviews Complete

May 25, 2026

Selected applicants should expect phone interviews to be completed by this date.

Acceptance Notifications

June 7, 2026

Applicants will be notified of acceptance decisions.

Program Starts

June 15, 2026

The 6 week project-based internship begins.

Got Malware project graphic

Objective

Develop practical, open-source cybersecurity tools, workflows, assessments, and research artifacts across multiple project tracks.

  • Real-world applicability
  • Measurable performance improvements
  • Resume-quality deliverables
Apply Now

Project Tracks

Interns can contribute through malware tooling, community security assessment, hardware and IoT security research, or threat research.

These tracks are working options and may evolve as we receive more input from employer partners and mentors.

Project Track 1

Malware Analysis Agents using MCP Tools

Primary theme: using AI to create better malware analysis tools, based on discussion notes from Caleb.

  • Build or improve MCP (Model Context Protocol) tools for malware analysis.
  • Integrate tools into agent frameworks, including CLI, TUI, or coding-agent workflows.
  • Analyze malware samples ranging from simple examples to advanced scenarios, including supply chain attacks.

Project Track 2

Security Assessment for a Local Nonprofit

Work on a practical security assessment for a local nonprofit organization, using the shared nonprofit assessment document as the starting point.

  • Review the organization's public-facing security posture and operational risks.
  • Create prioritized, plain-language recommendations that nonprofit staff can act on.
  • Deliver a professional assessment report suitable for stakeholders and future grant or partner conversations.

Project Track 3

Hardware Hacking and IoT Networks

Explore hardware security, firmware analysis, and privacy risks in connected devices and mesh networks.

  • Use the DEF CON 33 Snitch Puck talk as a reference for IoT teardown and firmware-analysis methods.
  • Investigate Meshtastic-style network concepts, device configuration, and security tradeoffs.
  • Document a repeatable workflow for testing, analyzing, and responsibly reporting findings.

Project Track 4

LLM-Based Honeypots in AWS

Build and evaluate an LLM-assisted honeypot using Beelzebub in AWS, with attention to safe deployment, useful telemetry, and realistic attacker interaction.

  • Deploy Beelzebub-based honeypot services in an isolated AWS environment with logging, alerting, and cost controls.
  • Experiment with LLM-generated interaction patterns that keep attackers engaged while avoiding exposure of real systems or secrets.
  • Compare attacker behavior across SSH, HTTP, and fake admin-panel scenarios.
  • Create dashboards or reports that summarize techniques, commands, payloads, indicators, and recommended defensive actions.

Project Track 5

Threat Actor Research for Open-Source and Nonprofit Security

Research threat actors, campaigns, and tactics with an open-source or nonprofit security research team, with an emphasis on useful intelligence for community defenders.

  • Use open-source intelligence to document threat actor behaviors, infrastructure, tooling, and targeting patterns.
  • Map findings to practical defender frameworks such as MITRE ATT&CK where appropriate.
  • Create concise research briefs, indicators, timelines, or detection ideas that can help nonprofits and local organizations improve security.
  • Practice responsible research methods, careful sourcing, and clear communication for non-expert audiences.

Apply Now

Ready to work on practical cybersecurity projects with mentorship? The application takes a few minutes and includes a resume upload plus short screening questions.

Open Application Open Google Form