Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Designing the perfect security awareness newsletter

Building a great security awareness program starts with communication, and a security awareness newsletter is one of the best ways to reach employees.
Read More
Article

Interview: Patrick Oliver Graf, NCP engineering

Patrick Oliver Graf is CEO, Americas, of NCP Engineering. His company sells its remote-access VPNs to government agencies and other organizations. A total of
Read More
Article

Buffer overflow and format string attacks: the basics

I have come across various analysts who want to learn how buffer overflow and format string attacks actually occur. Articles we read on the web are usually a
Read More
Article

The Perils of Inadequate Key Size in Public Cryptosystems

A public-key cryptosystem is an asymmetric cryptosystem where the public key and the private key form a mathematically related key pair. The public key acts
Read More
Article

A Security Awareness and Training Policy Checklist

[download]Download the BEST PRACTICES FOR DEVELOPING AN ENGAGING SECURITY AWARENESS PROGRAM whitepaper[/download] Learn the best practices for developing a s
Read More
Article

Debugging Apps on Android Emulator Using GDB

This article shows how to debug a process running on a rooted Android device or emulator. Debugging a process is an essential task in order to find memory co
Read More
Article

Cyber Attacks on the Power Grid: The Specter of Total Paralysis

The Incidents Imagine that one day you wake up and trading is halted on the New York Stock Exchange (NYSE) floor; meanwhile systems at United Airlines and th
Read More
Article

Hackers Selling Healthcare Data in the Black Market

With the drastic increase in Cyber Crime, the healthcare industry is a potential target for data hungry hackers. Patient safety may not directly relate to da
Read More
Article

Securing Cookies Using HTTP Headers

In the previous articles in this series on defending against web attacks using HTTP headers, we have seen the usage of X-Frame-Options and X-XSS-Protection h
Read More
Article

Cloud Security Monitoring with Open-Source Tools

Introduction Security is an important aspect of our IT world, because there are many breaches in various companies taking place on a daily basis. There are m
Read More
Article

Interview: Chris Camejo, Director of Assessment Services for NTT Com Security

Chris Camejo, Director of Assessment Services for NTT Com Security (formerly Integralis), comes from a technical assessment background, having personally coo
Read More
Article

NodeJS Security for Beginners

Introduction: NodeJS is an extremely powerful and lightweight technology, which is being widely adopted. Just like any other technology sometimes developers
Read More
Article

5 Reasons Your Business Needs a Data Recovery Partner

Have you considered a data recovery partner to help your business or client in the event of a data emergency? While not every business owner may have thought
Read More
Article

Cyber savvy? Take a Quick Security Awareness Quiz to Find Out

So you think you are cyber-savvy knowledgeable in the cyber security risks you face every day in the digital world? Take this quick security quiz and find ou
Read More
Article

Maligno: An Open Source Pentesting Tool

Today I want show you a new tool that could help in your penetration testing activity. Maligno is an open source penetration-testing tool under the FreeBSD l
Read More
Article

Playing Hide-and-Seek with Metadata

We often go on at length about master data, reference data and hierarchies. After all, we discover and analyze these datasets, avoid duplicating them, insist
Read More
Article

Rootkits: Kernel Mode

We have learned in part one of this series about the Rootkits and how they operate in User Mode; in this part of the series we will up the ante and look at t
Read More
Article

Are You InfoSec Geek Enough? Take This Quiz and Let’s See What You Got!

I have prepared a simple quiz for you guys out there who are brave enough to test if you really are a certified InfoSec geek. Take note of the questions sinc
Read More
Article

35 Awesome InfoSec Influencers You Need to Follow

I would like to share some security researchers and information security professionals you might have missed following. I think they deserve credit and some
Read More
Article

Rootkits: User Mode

In this article, we will learn about what rootkits are and how they operate. The focus will be on two types of Rootkits exploits: User Mode & Kernel Mode
Read More
Article

Interview: Steve Lufkin, CEO of Vantix Diagnostics

Steve Lufkin is CEO of Vantix Diagnostics, a ground-breaking healthcare technology platform that runs the most common blood tests providing results instantly
Read More
Article

15 Must Have Books for InfoSec Enthusiasts and IT Security Professionals

Aside from security articles, podcasts and videos, books are great resources for developing new skills, improving one's career growth, and gaining extensive
Read More
Article

Lessons from Deficient Java Applet-based Authentication

Java Applets are bytecodes that are delivered via the browser, and executed using the Java Virtual Machine (JVM) at the client-side. Java Applets can access
Read More
Article

Animal Farm APT and the Shadow of French Intelligence

Babacar and Casper Almost every government is working to improve its cyber-capabilities. The majority of them already have in their arsenal powerful espionag
Read More