Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every month!

Topic
Type
View Results
Filter Results
Whitepaper & report

2021 IT & Security Talent Pipeline Study

Professional development, Best practices
Actionable strategies to patch your cyber talent pipeline in a post-pandemic world.
Download
Poster, infographic & tool

The Road to Cybersecurity Toolkit

Phishing, Security awareness
Download our free toolkit for everything you need to engage your employees and instill secure habits.
Download
Whitepaper & report

Cybersecurity Culture — Quantified

Security awareness, Cybersecurity
See the data on the most overlooked variable in security and learn how to measure your organization's cybersecurity culture.
Download
Webinar & video

CMMC rollout: How CMMC will impact your organization | Infosec Edge Webcast

Professional development, Compliance, Cybersecurity, Certification
More than 300,000 organizations will be affected by the new CMMC Framework. Learn how your organization will be affected.
Watch now
Poster, infographic & tool

Infosec Skills course catalog

Professional development, Cybersecurity, Certification
Infosec Skills keeps your team's security skills fresh year-round with hundreds of courses mapped to the NICE Cybersecurity Workforce Framework.
Download
Poster, infographic & tool

ROI of Security Awareness Calculator

Security awareness
Download our free calculator, input your organization's costs and measure your return on security awareness training.
Download
Video

Executing the Sandworm APT with MITRE ATT&CK

Professional development, Cybersecurity
Learn the techniques the Sandworm APT hacking group used to compromise, pivot from and destroy a server. Then try to do it yourself.
Watch Now
Podcast

How to disrupt ransomware and cybercrime groups | Cyber Work Podcast

Professional development, Cybersecurity
On today’s podcast, Adam Flatley of Redacted talks about 14 years spent with the NSA and working in global intelligence. He also delineates the process of disrupting ransomware and cybercrime groups by dismantling organizations, putting on pressure and making the crime of ransomware more trouble than it’s worth!

0:00 - Intro
3:13 - Getting into cybersecurity
4:27 - Why work for the DoD?
6:37 - Average work day in threat intelligence
9:28 - Main security threats today
11:53 - Issues cybersecurity is ignoring
16:12 - Disrupting ransomware offensively
23:00 - How to handle ransomware
25:07 - How do I fight cybercriminals
27:15 - How to convey self learning on a resume
28:24 - Security recommendations for your company
31:40 - Logistics of changing security
34:40 - Cybercrime in five years
36:57 - Learn about Redacted
39:18 - Learn more about Adam
40:00 - Outro
Listen now
Podcast

How to become a cyber threat researcher | Cyber Work Podcast

Professional development, Cybersecurity
On today’s podcast, John Bambenek of Netenrich and Bambenek Consulting talks about threat research, intelligence analytics, why the same security problems are so evergreen and the importance of pitching in a little extra bit of your time and talents to make the world a bit better than you found it.

0:00 - Intro
2:45 - Getting into cybersecurity
9:40 - Threat researcher versus security researcher and threat analyst
12:05 - How to get into a research or analyst role
16:32 - Unusual types of malware
19:03 - An ideal work day
23:06 - Current main threat actors
28:50 - What cybersecurity isn’t addressing
31:38 - Where can I volunteer?
36:02 - Skills needed for threat researchers
40:53 - Adjacent careers to threat research
45:11 - Threat research in five years
48:55 - Bambenek Consulting
49:35 - Learn more about Bambenek
50:26 - Outro
Listen now
Webinar & video

Join the hunt: Threat hunting for proactive cyber defense

Professional development, Cybersecurity, Certification
Don your virtual threat hunting gear and join Infosec Principal Security Researcher Keatron Evans as he goes sleuthing for cyber threats.
Register now
Webinar & video

Threat hunting foundations: People, process and technology

Professional development, Cybersecurity, Certification
Ever wonder what threat hunting is all about? Learn the basics of what it’s like to have a career hunting down potential cyber threats.
Register now
Webinar & video

Get started in cybersecurity in 2022: How to gain experience and launch your career

Professional development, Cybersecurity, Certification
More than 2.7 million cybersecurity professionals are needed in 2022. Learn how you can get started in cybersecurity and build a career.
Register now
Webinar & video

Learn how to hack and conduct a penetration test with Keatron Evans

Professional development, Cybersecurity, Certification
Learn how to exploit vulnerabilities and think like a hacker with hands-on demonstrations from Keatron Evans.
Register now
Video

Pivoting with proxy chains with MITRE ATT&CK

Professional development, Cybersecurity
Learn how adversaries leverage hardware to pivot into a protected network. Then try it yourself and master these MITRE ATT&CK® techniques.
Watch Now
Podcast

How to become a great cybersecurity leader and manager | Cyber Work Podcast

Professional development, Cybersecurity
On today’s podcast, Cicero Chimbanda, Infosec Skills author and lecturer, discusses his cybersecurity leadership and management courses. We discuss the many paths of a cybersecurity leadership role, the soft skills that separate a good information security manager from a great one and why a baseline of cybersecurity knowledge can enhance any job, even if you don’t plan to pivot into the industry.

0:00 - Intro
3:37 - Getting into cybersecurity
6:43 - First learning cybersecurity
7:54 - Skills needed to move up
10:41 - CISM certification
13:00 - Two tracks of technology
15:13 - Are certifications important?
18:50 - Work as a college lecturer
22:43 - Important cybersecurity soft skills
27:40 - Cybersecurity leadership and management
32:33 - Where to go after security leadership
35:26 - Soft skills for cybersecurity managers
37:23 - Benefits to skills-based education
39:40 - Tips for lifelong learning
43:46 - Cybersecurity education’s future
45:21 - Outro
Listen now
Podcast

Cybersecurity collaboration, team building and working as CEO | Cyber Work Podcast

Professional development, Cybersecurity
On today’s podcast, Secureworks president and CEO Wendy Thomas talks about the company’s drive to provide innovative, best-in-class security solutions that sit at the heart of customers’ security operations. Thomas shares over 25 years of experience in strategic and functional leadership roles, including work as a chief financial officer, chief product officer and VP of strategy. Thomas has worked across multiple technology-driven companies and has a wealth of knowledge.

0:00 - Intro
3:18 - Wendy’s origin in cybersecurity
5:13 - Climbing the career ladder
8:10 - Average day as CEO
10:38 - Collaboration in cybersecurity
13:07 - Roadblocks in collaboration
15:03 - Strategies to encourage collaboration
17:53 - Is there collaboration now?
19:30 - Solving technology security gaps
21:35 - Limiting incident response noise
23:10 - Addressing the skills shortage
25:07 - Women in cybersecurity
30:45 - Developing your team
32:53 - Advice for those entering cybersecurity
34:18 - Outro
Listen now
Video

Reconnaissance and resource development with MITRE ATT&CK

Professional development, Cybersecurity
Learn the MITRE ATT&CK® techniques adversaries use for reconnaissance and resource development. Then try it yourself in our cyber range.
Watch Now
Podcast

How to learn web application security | Cyber Work Podcast

Professional development, Cybersecurity
On today’s podcast, Infosec Skills author Ted Harrington talks about authoring a recent Infosec Skills learning path, “How To Do Application Security Right,” which is also the subtitle of his recent book, “Hackable: How To Do Application Security Right.” Harrington shares his application security expertise, or AppSec, the benefits of skills-based learning, and what it was like to hack the iPhone.

0:00 - Intro
3:00 - Hacking the iPhone
8:30 - IOT security
14:00 - “Hackable” book
17:14 - Using the book as a roadmap
18:42 - Most important skills right now
21:45 - Taking Harrington’s class
24:40 - Demystifying application security
26:48 - Career opportunities
28:26 - Roadblocks in application security
30:55 - Education tips for application security
33:40 - Benefits of skills-based education
37:21 - The skills gap and hiring process
41:19 - Tips for lifelong learners
43:43 - Harrington’s next projects
44:33 - Cybersecurity’s education’s future
45:38 - Connect with Harrington
46:50 - Outro
Listen now
Podcast

How to become a secure coder | Cyber Work Podcast

Professional development, Cybersecurity
On today’s podcast Infosec Skills author Chrys Thorsen talks about founding IT Without Borders, a humanitarian organization built to empower underserved communities through capacity building information and communications technology (ICT) skills and information access. She’s also a consultant and educator. And, for our purpose, she is the author of several learning paths on our Infosec Skills platform. She has written course paths for Writing Secure Code in Android and Writing Secure Code in iOS, as well as a forthcoming CertNexus Cyber Secure Coder path.

0:00 - Intro
2:43 - Thorsen’s origin story in cybersecurity
4:53 - Gaining about 40 certifications
6:20 - Cross certification knowledge
7:25 - Great certification combos
8:45 - How useful are certifications?
11:12 - Collecting certifications
13:01 - Changing training landscape
14:20 - How teaching changed
16:36 - In-demand cybersecurity skills
17:48 - What is secure coding?
19:34 - Secure coders versus coders
20:31 - Secure coding in iOS versus Android
22:39 - CertNexus secure coder certification
24:13 - Secure coding before coding
24:42 - Secure coding curriculum
26:27 - Recommended studies post secure coding
26:50 - Benefits to skills-based education
27:43 - Tips for lifelong learning
29:29 - Cybersecurity education’s future
30:54 - IT Without Borders
33:38 - Outro
Listen now
Video

How to use the MITRE ATT&CK matrix

Professional development, Cybersecurity
The MITRE ATT&CK® enterprise matrix outlines how real-world adversaries operate. Use it to help develop your team's cybersecurity skills.
Watch Now
Podcast

Learning Linux is key to building your cybersecurity skills | Cyber Work Podcast

Professional development, Cybersecurity
On today’s podcast Jasmine Jackson takes us through how you can get noticed on your resume, how Linux basics can set you up for learning other aspects of cybersecurity, and how capture the flag (CTF) activities are crucial to enriching your work skills. Jackson has over 10 years of information security experience and shares her passion for cybersecurity by presenting and teaching workshops, including new courses now available in Infosec Skills. She is currently the Jeopardy-style CTF coach for the inaugural U.S. Cyber Games and works as a senior application security engineer for a Fortune 500 company.

0:00 - Intro
3:08 - Jasmine Jackson’s origin story
4:25 - Winning a computer
6:22 - Jackson’s career path
13:46 - Thoughts on certifications
19:10 - Ideal job description
21:01 - Most important cybersecurity skills
22:54 - Linux fundamentals class
25:07 - What does knowing Linux do for you?
26:35 - How to build upon a Linux foundation
28:51 - Benefits to skills training
29:50 - Tips for lifelong learning
31:30 - Coaching in the U.S. Cyber Games
34:26 - How are team members chosen for the games?
37:47 - An intriguing CTF puzzle
41:43 - Where is cybersecurity education heading?
43:36 - Learn more about Jackson
46:33 - Outro
Listen now
Video

How to configure a network firewall

Professional development, Cybersecurity
Learn the basics of setting up a network firewall, including stateful vs. stateless firewalls, setting up access control lists and more.
Watch Now
Webinar & video

CompTIA PenTest+: Everything you need to know about the new exam | Infosec Edge Webcast

Professional development, Certification
CompTIA's PenTest+ certification is being updated to align with the most up-to-date penetration testing skills requested by employers in 2021.
Webinar & video

CompTIA CASP+: Everything you need to know about the new exam | Infosec Edge Webcast

Professional development, Certification
CompTIA's popular CASP+ certification is getting an overhaul heading into 2022 to ensure it validates the most relevant and in-demand skills.
Watch now