Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Webcast & video

Inside Capital One’s game-changing breach | Cyber Work Applied

The Capital One data breach involved two of the world's largest organizations and new legal precedents that impact how cybersecurity professionals operate.
Watch Now
Webcast & video

Executing the Sandworm APT with MITRE ATT&CK | Cyber Work Applied

Learn the techniques the Sandworm APT hacking group used to compromise, pivot from and destroy a server. Then try to do it yourself.
Watch Now
Webcast & video

Inside a DDoS attack against a bank | Cyber Work Applied

Distributed denial-of-service attacks are often used to disrupt websites. Learn how one bank got attacked and what they did to stop it.
Watch Now
Webcast & video

Privilege escalation via cross-site scripting with MITRE ATT&CK | Cyber Work Applied

Learn how certain cross-site scripting vulnerabilities can be exploited for a privilege escalation attack. Then dive in and try it yourself.
Watch Now
Webcast & video

How Zoom is being exploited for phishing attacks | Cyber Work Applied

Zoom is one of the most popular meeting tools. Learn how threat actors were leveraging that popularity in a successful phishing campaign.
Watch Now
Webcast & video

Persistence: Maintaining a foothold with MITRE ATT&CK techniques | Cyber Work Applied

Learn how threat actors use MITRE ATT&CK® persistence techniques to maintain a foothold in an environment. Then try the techniques yourself.
Watch Now
Webcast & video

Extortion: How attackers double down on threats | Cyber Work Applied

You’ve just been breached or threatened with a cyberattack. Now comes a new extortion demand, pay up now — or it’s only going to get worse.
Watch Now
Webcast & video

Understanding identification, authorization and authentication | Cyber Work Applied

Someone's trying to gain access, but are they who they say they are? That's what the different methods of identification are all about.
Watch Now
Webcast & video

Advanced adversary tactics and defense evasion with MITRE ATT&CK | Cyber Work Applied

Learn how advanced persistent threat groups use defense evasion to stay hidden. Then open our cyber range and test your evasion skills.
Watch Now
Webcast & video

Getting started in cybersecurity | Cyber Work Applied

Cybersecurity is one of the fastest-growing career fields. Learn how to break into the industry — and what you can do to get started now.
Watch Now
Webcast & video

Secure cloud computing: What you need to know | Cyber Work Applied

How do you keep data secure when migrating to the cloud, and who's responsible for that security? Keatron Evans explains.
Watch Now
Webcast & video

How to use Nmap and other network scanners | Cyber Work Applied

What's on your network, or someone else's? Mike Meyers demonstrates how to use free network scanning tools like Nmap, Zenmap and advanced port scanner.
Watch Now
Webcast & video

Password security: Using Active Directory password policy | Cyber Work Applied

How do you enforce a secure password policy? Learn how to implement Windows local and group password policies.
Watch Now
Webcast & video

Using AI to level up phishing attacks | Cyber Work Applied

See a live demo of a phishing attack. Learn how cybercriminals are using AI to make them more effective — and more dangerous.
Watch Now
Webcast & video

Connecting a malicious thumb drive: An undetectable cyberattack | Cyber Work Applied

Is the thumb drive you found safe, or will it launch a nearly undetectable cyberattack that gives a cybercriminal control of your device?
Watch Now
Webcast & video

4 network utilities every security pro should know | Cyber Work Applied

Command-line utilities are useful in a variety of scenarios. Learn how, and when, you can use Ping, Netstat, Traceroute and ARP in this episode of Cyber Work Applied.
Watch Now
Webcast & video

How to configure a network firewall | Cyber Work Applied

Learn the basics of setting up a network firewall, including stateful vs. stateless firewalls, setting up access control lists and more in this episode of Cyber Work Applied featuring Infosec Skills author Mike Meyers.
Watch Now
Webcast & video

5 ways to prevent APT ransomware attacks | Cyber Work Applied

Advanced Persistent Threat groups' involvement in ransomware campaigns has made them nearly unstoppable. Learn how you can slow them down in this episode of Cyber Work Applied.
Watch Now
Webcast & video

Cybersecurity awareness training: Faculty, staff & students, oh my!

Learn how higher ed institutions are building a culture of cybersecurity with fun, engaging awareness and training programs.
Watch Now
Webcast & video

Digital forensics careers: Fact vs. fiction

What's it really like to work in digital forensics? Find out in this episode of Cyber Work Live.
Watch Now
Webcast & video

Skills training value: How to differentiate your staff and your organization from the rest

Learn how Infosec Skills can help upskill your employees and help your clients.
Watch Now
Webcast & video

Learning ≠ Education: How people really learn and what it means for security training

What drives employees to learn, and how can you truly change employee behavior? Learning and development vet Nick Shackleton-Jones explains.
Watch Now
Webcast & video

Security awareness training: 4 employee behaviors that matter most

Level up your security awareness training program — and instill best practices in employees that will keep them (and your organization) secure year-round.
Watch Now
Webcast & video

How to do application security right in your organization

Best-selling author Ted Harrington explains how to avoid application security mistakes, maximize organizational investment and gain a competitive edge.
Watch Now