Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Hospital Security

Data breaches are major threats to hospital security that come in various forms. They include cases involving criminal hackers wanting to steal the protected
Read More
Article

Security Awareness for Healthcare Facilities

Every day cyber-attackers are compromising our digital identity. The threats are getting more sophisticated with every passing day and new ways of stealing h
Read More
Article

Hospital security policies & procedures

Providing services for healthcare brings many complexities, and risk management professionals need to consider this seriously. However, issues such as accred
Read More
Article

What Does Security Awareness Mean for Doctors, Nurses and Hospital Staff?

On August 4th this year, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) fined Advocate Health Care Network $5.5 million for
Read More
Article

Security Awareness for Healthcare Professionals

The healthcare industry has experienced a major change with electronic records enablement which replaced traditional paper-based medical records. This shift
Read More
Article

The Heart of It All – The Biometric Sensor

Overview of the Last Article Our last article reviewed the Biometric KPIs and standards which have been set forth and established by both industry and govern
Read More
Article

Reversing Binary: Spotting Bug without Source Code

Abstract The proficiency to unravel the complexities of a target software is called reverse engineering or just reversing. Software attackers manipulate or b
Read More
Article

Application Logs & Developer Backdoors

Background: In the previous article, we have discussed the basics of DLL Hijacking vulnerabilities and how one can find and exploit DLL Hijacking vulnerabi
Read More
Article

DLL Hijacking using Damn Vulnerable Thick Client App

  Background: Welcome to the part 7 of Practical Thick Client Application Penetration Testing using Damn Vulnerable Thick Client App (DVTA). In the prev
Read More
Article

An Introduction to Biometric Key Performance Indicators and Standards

Overview of the Last Article In all of the articles we have covered thus far, we have covered a wide range of Biometric technologies. These have ranged from
Read More
Article

Reversing & Patching .NET Applications using Damn Vulnerable Thick Client App

  Background: [pkadzone zone="main_top"] In the previous article, we have discussed how .NET applications can be Reverse Engineered using dotPeek to vie
Read More
Article

Reversing & Decrypting Database Credentials using Damn Vulnerable Thick Client App

  Background In the previous article, we have discussed injection attacks in Thick Client Applications specifically in DVTA. In this article, we will di
Read More
Article

The Most Controversial Biometric of All – Facial Recognition

Overview of the Last Article Our last article reviewed at length the latest Biometric modality to come, which is Vein Pattern Recognition, also known as VPR.
Read More
Article

ActiveX Security Model

Abstract Modern browsers act as a thin client by executing untrusted or portable code called Mobile Code. For example, windows media player too could be us
Read More
Article

Perfect SAP Penetration Testing: Threat Modeling

A penetration test is the practice of attacking an IT infrastructure to evaluate its security and determine whether malicious actions are possible. Although
Read More
Article

Network discovery tools

Network discovery is a process of identifying or mapping internal networks. In this process, a particular computer can communicate to another computer on the
Read More
Article

Solving the VulnOS 2 Lab

Introduction Solving laboratories is one of the best hacking practices. In a virtual machine, under a controlled environment, Penetration Testers and Securit
Read More
Article

Linux Malware: Novelties in the Threat Landscape

Introduction In the last couple of years, security firms have observed an increasing number of malware specifically designed to target Linux-based systems. L
Read More
Article

Vein Pattern Recognition

As it was reviewed in the last article, Hand Geometry Recognition is the oldest Biometric Technology of all. It has its originations going back to the 1960s,
Read More
Article

Hackable Medical Devices

Introduction Technology in healthcare has gone through incredible changes over the years. There are multiple options for wearable or implantable biomedical
Read More
Article

Other Healthcare IT Regulations

When most people think of regulations that affect the healthcare IT industry, they tend to think of the Health Insurance Portability and Accountability Act (
Read More
Article

Injection Attacks Using DAMN Vulnerable Thick Client App

Background: In the previous article, we have seen some of the common data storage issues in Thick Client Applications specifically in DVTA. In this article,
Read More
Article

HITECH Act and IT Security

Any company working in the health care industry needs to be aware of the laws they are expected to follow. Breaking them won’t just put their organization in
Read More
Article

HIPAA Security Checklist

HIPAA security compliance needs to be a concern to any company in the healthcare industry. If you want help taking steps toward compliance, the following che
Read More