Aware Ed is a computer-based security awareness program that allows people to learn and practice the latest cyber-security threats in hands-on simulations.

Untitled Document

SecurityIQ AwareEd

Don't Just Play Videos, Practice Behavior Change with Simulated Exercises!


Watch Video Training

Employee absorbs 20% of the material

Practice with SecurityIQ

Employee learns and applies 80% of the material

Take the first step in practicing with simulated exercises on AwareEd by signing up for a free SecurityIQ account today!

Tailored Courses

Start with our courses or build your own from our library of modules. Tools like module preview and time-to-complete calculations make course development easy for anyone.

Highly Interactive Training

Learners don't just watch or listen to our training. Instead they are challenged to solve hands-on simulations that replicate what they will actually encounter in the real world.

Customizable Alerts

Use our enrollment, reminder, and completion emails or build your own with WYSIWYG tools. You may also control the time of the emails and the apearance of learners' course pages.

Our Clients Include

Course Modules

Introduction and Conclusion

Introduction and Conclusion to Security Awareness explains who is attacking companies today, why cyberattacks are so effective, and why security is the responsibility of every employee. Motivations of internal employees, former employees, criminals, hacktivists and national governments are briefly covered to describe who is attacking. The scope and general type of recent large attacks are briefly covered to describe why attacks are so effective. References to internal policies, business ethics, criminal statutes, industry regulations and even personal or family safety are all briefly covered to encourage employees to take responsibility for cybersecurity. A related Conclusion reinforces the same concepts after each learner has taken their modules.


Phishing is the way that hackers use electronic messages, often email, to “fish” for unsuspecting users who will perform dangerous actions. Our interactive phishing training covers where phishing messages may appear, how to distinguish phishing from normal communications, how to confirm “borderline” messages, and when to report specific types of attacks. Learners are guided through each attribute of a phishing message, and then challenged to identify phishing messages from legitimate messages in a realistic environment. Our training also covers “spear-phishing,” which occurs when hackers take the time to adapt information from social media or other sources to specially craft phishing messages to target a particular organization or individual.

Mobile Security

Mobile Security addresses issues that result from the use of mobile phones and tablets for business purposes in public places and on public networks. Our training covers practical safe practices like screen locks, device encryption and WiFi validation to use in this scenario.


Malware is literally the “malicious software” that hackers use to take over computers, steal or corrupt data, and attack others. Our interactive malware training covers the dangers posed by this type of software, what it can infect, and how to prevent it with three anti-malware behaviors. The first anti-malware behavior we cover is avoiding suspicious downloads, attachments and other files. The second anti-malware behavior we cover is using regular if not automated software patches to keep vulnerable systems up to date. The third anti-malware behavior we cover is the proper use of anti-virus software.

Safe Browsing

Safe Browsing groups a number of best practices that keep users of the world wide web safe. Our interactive safe browsing training covers both secure communications and attacks hackers may try to launch from unsafe web sites. Special attention is paid to the proper use of HTTPS (using SSL or TLS), including the importance of private communications and browser behavior when communicating with different HTTPS sites. Additional attention is paid to unsafe links, and in that regard our safe browsing training reinforces concepts also covered in our Phishing module. Finally, attention is paid to web pop-ups, alerts, plug-ins and downloads, which reinforces concepts also covered in our Malware module.

Password Security

Password Security helps people select strong passwords and keep them safe. Our interactive password security training walks learners through he creation of a long and complex but easy-to-remember password with a list of rules commonly used throughout the Internet. Our password storage section discourages people from saving passwords in insecure locations, and encourages the use of locked physical locations and encrypted password storage software. Our training also covers situations in which a password may be stolen or is discovered to be too weak. We even cover realworld situations involving reuse of passwords within departments or across different systems, and resets of delegated account passwords.

Physical Security

Physical Security helps prevent information from leaking and technology from being stolen through flaws in the physical environment. Our interactive physical training covers places that information can leak out of logical systems, including printers and trash cans. It also covers the risks that people face when they leave technology unattended or unshielded in public or semi-public locations. It even covers office and plant security situations such as “tailgating” to follow an authorized person through a door. After each risk is presented, practical prevention of each type of risk is discussed.

Safe Working Remotely

Safe Working Remotely helps teleworkers, people who work from home (WFH), sales personnel, traveling managers and other remote personnel stay safe when not working in the office or plant. Our interactive safe working remotely training covers networking essentials, safe practices in public areas, and more. Specific attention is paid to home networks and the devices and risks that come with hem. More attention is paid to the use of encryption over public networks, and avoiding public computers, terminal or tablets when possible.

Removable Media

Removable Media is a term that covers USB drives, CDs and even plugable BYOD devices such as phones, cameras and tablets. Our interactive emovable media training covers two main concepts: the safe use of removable media for legitimate purposes, and attacks hackers launch from removable media. Safe use includes the use of encryption either before data is stored, or on the device itself. Hacker ttacks concentrate on malware and phishing messages that are often planted on “lost” USB drives and CDs scattered near a target organization.

Social Engineering

Social Engineering occurs when a hacker uses two-way forms of communication, including the phone and IM, to convince people to do their bidding. Our social engineering training teaches a three-step method to give people the confidence to add clarity to a confusing conversation, challenge the other person’s dentity, and verify suspicious requests with another person.

IDC lists InfoSec Institute as a Major Player in their Security Training Vendor Assessment.

"The quality of its instructors and training materials are viewed as the best of all vendors, as are its options for onsite and self-paced training. In addition, InfoSec is perceived to be hte best vendor for certification test prepearation, classroom locations, facilities, and practice labs."

IDC MarketScape. U.S. Security Training Ecosystem - Vendor Assessment

Training by Industry


This white paper describes how the SecurityIQ Platform allows organizations to comply with important HIPAA/HITECH regulations and standards, and assumes some familiarity with the related regulations.


This white paper demonstrates the real risks of ransomware. Ransomware has replaced advanced persistent threat (APT) network attacks as the most problematic cyber threat -- and early indications suggest that (ransomware) will be the main problem for 2016

PCI-DSS Compliance

This document describes how the SecurityIQ security awareness education platform allows organizations to comply with important PCI-DSS requirements and standards, and assumes some familiarity with the related regulations.


Start with our courses or build your own from our library of modules. Tools like module preview and time-to-complete calculations make course development easy for anyone.

  • Interactive Exercises
  • Easy Management
  • Comprehensive Reporting

Take the first step in practicing with simulated exercises on AwareEd by signing up for a free SecurityIQ account today!


AwareEd Overview

Download the SecurityIQ AwareEd security awareness specifications PDF. AwareEd emphasizes interactive learning and ease of administration.

Download PDF
Calculating Security Awareness ROI

Learn how to calculate the ROI of a phishing simulation and a follow-up article will look at other effectiveness KPIs.

Download PDF

New Exam Pass Guarantee!

Our new Live Online format has produced excellent results. We trust the course quality will help you pass on your first exam attempt and this exam-pass guarantee backs up that trust.