Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Cybersecurity Weekly: Scam cryptocurrency apps, PayPal spoofing, CEO impersonation scams

Scam crypto investment apps, hackers spoofing popular brands to phish victims, and preventing CEO impersonation scams. All these and more in this week's edition of Cybersecurity Weekly.
Read More
Article

Third-party authentication (OAuth): Good or bad for security?

How does third-party authentication work and what happens if social media login fails?
Read More
Article

Two basic actions that reduce enterprise cyber risk by 60%

Recent events have increased the likelihood of at cyber-attacks against critical infrastructure. Here are two things to reduce your risk.
Read More
Article

How to use the MITRE ATT&CK Matrix for Enterprise: Video walkthrough

Learn how to effectively use the MITRE ATT&CK matrix and develop your and your security team’s cybersecurity skills.
Read More
Article

4 key takeaways from the 2022 Verizon DBIR report

Here's what cybersecurity professionals need to know about the latest version of the Verizon Data Breach Investigations Report (DBIR).
Read More
Article

A DevSecOps process for ransomware prevention

Ransomware is possibly the most severe cybersecurity threat facing organizations today. There are multiple attack vectors. One of the ways ransomware infects
Read More
Article

How to learn and pass your next certification exam

What do you want to learn next? Where do you want to be in the next six months or year? Use these learning tips to help hit your goals.
Read More
Article

Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity

Since training with VetsinTech and Infosec, Tom earned his Security+ and AWS Cloud certifications and landed a security engineer role at Caterpillar.
Read More
Article

API Security: How to take a layered approach to protect your data

Learn how a layered approach to API security can help organizations balance cost and efficacy.  
Read More
Article

SOC analyst salary: Entry, mid and senior analysts’ earnings in 2022

A security operations center (SOC) analyst’s job is to monitor an organization’s IT infrastructure for potential threats. These professionals usually work as
Read More
Article

Cybersecurity Weekly: AiTM phishing attack, how to spot social engineering personas, CISA patch order

A new AiTM phishing attack can skip MFA, scammers posing as cybersecurity companies to install malware, and how to spot fake personas used for social enginee
Read More
Article

Four examples of human error in cybersecurity — and how to fix them

What kind of human errors cause cybersecurity risks to increase, and how can you stop them?
Read More
Article

How PCI DSS acts as an (informal) insurance policy

The Payment Card Industry Data Security Standard, or PCI DSS, is a set of measures designed to help protect customers’ data and reduce credit card fraud.
Read More
Article

Top 7 tools for intelligence-gathering purposes

Experts can often collect significant artifacts related to the authors behind the analyzed scenarios during cybersecurity exercises, including details such a
Read More
Article

Sunnyday ransomware analysis

Get up-to-the-minute facts about Sunnyday ransomware, which has been infecting users since March 2022.
Read More
Article

SOC analyst career path: Job description, levels and career progression

A high-level overview of the SOC analyst career path and the responsibilities, skills and experiences required to successfully perform at each level.
Read More
Article

Cybersecurity Weekly: Ransomware payment prohibition, DoJ files charges for fake Cisco gear, Google improving privacy after Roe v. Wade ruling

Ransomware payment prohibition spreading, fake cisco gear puts CEO in DoJ sights, and Google deleting sensitive medical locations from user history. All these and more in this week's edition of Cybersecurity Weekly.
Read More
Article

Five ethical decisions cybersecurity pros face: What would you do?

Some examples of ethical dilemmas faced by cybersecurity professionals: What would you do?
Read More
Article

CompTIA A+ domain 9: Operational procedures — What you need to know for the exam

Learn what you need to know to prepare for CompTIA A+ Domain 9: Operational Procedures
Read More
Article

Cybersecurity Weekly: Verified Twitter accounts hacked, cryptocurrency phishing attack, Facebook business data-harvesting campaign

Verified Twitter account hacked causing chaos, cryptocurrency phishing attack targets financial industry, and Facebook Business pages targeted in data-harves
Read More
Article

CompTIA A+ renewal process [2022 update]

Learn the why, when and how of renewing your A+ certification.
Read More
Article

CompTIA A+ domain 1: Mobile devices — What you need to know for the exam

Get to know domain 1 of the A+ certification exam to help you prepare for your exam.
Read More
Article

CompTIA A+ domain 2: Networking — What you need to know for the exam

Want to learn more about domain 2 of the CompTIA A+ exam? Read this article to learn what you need to know.
Read More
Article

Cybersecurity Weekly: New cybersecurity laws signed, Log4Shell still targeted, LinkedIn cryptocurrency scams on the rise

Two new cybersecurity bills signed into U.S. law, Log4Shell vulnerability still being targeted, and how LinkedIn cryptocurrency scams are on the rise. All these and more in this week's edition of Cybersecurity Weekly.
Read More