Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Inspecting Deep Web Links

Introduction If you have ever decided to explore what on earth someone can find on the so-called 'Deep Web,' then you have probably gone through the pain wer
Read More
Article

Most Exploited Vulnerabilities: by Whom, When, and How

Top Ten Vulnerabilities included in Exploit Kits Which are the most exploited vulnerabilities by hackers in 2016? Who used them and how? Let's start from a s
Read More
Article

The System Networking of Biometrics

Overview of Last Articles Our past articles (in total, five of them) have reviewed what it takes to procure and deploy a Biometric System. As it was reviewed
Read More
Article

Software Security - Anti-Patching

Introduction In this series of articles, we will discuss some of the techniques that will help better protect our software against reverse engineering. This
Read More
Article

Guideline to develop and maintain the security operation center (SOC)

This article is written to explain the strategy, planning, execution in building and maintaining of SOC. The aspect of building SOC is complex, so many thing
Read More
Article

Understanding CREST

Pentesting is becoming more and more an important part of the IT security plans of businesses in all industries. Pentesters can help companies identify, quan
Read More
Article

SecurityIQ, AwareEd, and PhishSim User’s Manual, Pt. 7: Account Settings

Objectives Once you have completed this section, you will be able to:[pkadzone zone="main_top"] Apply custom branding to your SecurityIQ portal Set the def
Read More
Article

2017 Cyber Security Predictions

A look at the 2016 predictions This is the period of the year when we verify the cyber security predictions made last year trying to imagine the evolution of
Read More
Article

Online Shopping and the Threats Surrounding It

Online shopping has made life much easier than it was ever before. But the same formula of convenience is equally applied on cybercriminals too, who lurk the
Read More
Article

Deploying Biometrics: The Database Aspect

Overview of the Last Article In any business or corporation, change is always a must. Whether it is for strategic or operative reasons, to flourish, change
Read More
Article

The Cybersecurity Market 2016 and future predictions: How to Deal with 100s of Solutions

I hope you haven't forgotten my previous article about the cyber security market and companies it consists of. Now we are going to pursue the topic. So, we h
Read More
Article

HIPAA Security Rule

What is the HIPAA security rule? The Health Insurance Portability and Accountability Act (HIPAA) is a US law that came into force in 1996 in order to ensure
Read More
Article

Pentesting ICS Systems

Security of ICS systems is one of the most critical issues of this last year. In this article, we will have a brief introduction to ICS systems, risks, and f
Read More
Article

Pentesting Systems and Platforms: Other OS Distributions, Suits, and Environments

  Cyber security researchers and professionals perform penetration testing to find vulnerabilities in a system before an attacker exploit it. Penetratio
Read More
Article

Ransomware-based attacks: Should you pay the ransom?

Introduction Ransomware represents one of the most dangerous cyber threats for netizens and private companies across the world. In the criminal underground,
Read More
Article

Denial of Service Attack

In this post, we examine the DoS (Denial of Service attack), how it works, what's the impact of such an attack, and some tools to perform this kind of exploi
Read More
Article

About Rapid 7

Rapid 7 is a well-known security solution provider that is devoted to providing services and products to protect, detect and response the security incidents.
Read More
Article

Deploying Biometrics: The Modality Aspect

Overview of the Last Article As our last two articles have reviewed, the procurement and deployment a full blown Biometric system at a corporation or busines
Read More
Article

Penetration testing methodologies and standards

Cybercriminals are targeting personal and corporate information by using different attacking vectors. The main reason behind their success is the lack of eff
Read More
Article

SkyDog Con CTF - Catch Me If You Can

In this challenge there are eight flags are in the form of flag {MD5 Hash} such as flag{1a79a4d60de6718e8e5b326e338ae533}. We hosted the VM in virtualbox di
Read More
Article

Code execution and privilege escalation – Databases

In this article, we will have an in depth at some very uncommon techniques for gaining a remote code execution on uncommon databases and escalating privi
Read More
Article

An Overview of the Payment Card Industry (PCI)

The payment card industry consists of all the organizations which store, process and transmit cardholder data and carry transactions through debit and credit
Read More
Article

Pros and cons in penetration testing services: The debate continues

Those who keep up with current events on InfoSec are aware of the increasing number of significant cyber data breaches impacting industries like health care,
Read More
Article

Metasploit cheat sheet

Metasploit is a framework and not a specific application. As a framework, the user can build their own specific tools that can be used for specific tasks. It
Read More