Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

CORROSION: 1 VulnHub CTF Walkthrough Part 2

Finish this capture the flag activity to further improve your pentesting skills.
Read More
Article

Passion and perseverance equal success for this inspiring scholarship winner

Scholarship winner Edelia McDaniel proves that anything is possible when you work hard and stay hungry.
Read More
Article

Twitch and YouTube abuse: How to stop online harassment

Find tips on protecting yourself online as a streamer, blogger and influencer on Twitch, YouTube and more.
Read More
Article

Top 6 bug bounty programs for cybersecurity professionals

The best bug bounty programs for security researchers, including objectives, bugs and the potential bounties you can earn.
Read More
Article

How will zero trust change the incident response process?

Find out how Zero Trust security affects the incident response process.
Read More
Article

Understanding hackers: The insider threat

Companies often think of attackers as something that comes from the outside, yet overlook the far more dangerous threat: attackers from within.
Read More
Article

Proper CMMC scoping is key to a smooth CMMC assessment

Here are three ways to ensure your organization is ready for the CMMC assessment scoping process.
Read More
Article

Cybersecurity Weekly: Most popular phishing trends, Microsoft emergency update and a REvil ransomware sting

The most common brands imitated for phishing attempts, a new fix for Windows Server and VPN bugs and a raid on the REvil cybercrime gang. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

ISO 27001 auditing: 6 things to know about auditing training and careers

ISO 27001 is one of the most well-known security management frameworks — and a valuable skill set for auditors, managers and cybersecurity professionals.
Read More
Article

Malware instrumentation with Frida

Learn about DBI with Frida Tools and explore some code and scripts useful during malware analysis.
Read More
Article

Tunneling and port forwarding tools used during red teaming assessments

Learn about popular tools used during red teaming assessments.
Read More
Article

CORROSION: 1 Vulnhub CTF walkthrough, part 1

Solve this capture the flag (CTF) from Vulnhub to increase your pentesting skills.
Read More
Article

Your next security bug won't even be in the software that you wrote

Your in-house developers check their software for security flaws, but the next bug might not come from them. It might come from your digital supply chain.
Read More
Article

This combat medic turned cyber pro says “diversity is required”

Scholarship winner Oriana Lau is on a mission to prove the value of a female perspective in cybersecurity — and pave the way for fellow veterans and girls.
Read More
Article

Can your personality indicate how you’ll react to a cyberthreat?

Do specific personality types react to social engineering differently? If so, can we use that data to make our security awareness campaigns more effective?
Read More
Article

Security in Action Framework: Determine if an MSSP is a good fit for you

The Security in Action Framework is interactive and customizable — and the best approach to working with MSSPs to achieve better security outcomes.
Read More
Article

Paraben CEO shares the importance of creative thinking in digital forensics

We spoke with Amber Schroader, CEO of Paraben, to talk about the traits and tools digital forensics investigators need to solve cybercrimes.
Read More
Article

EVILBOX: ONE VulnHub CTF Walkthrough

Test your cybersecurity skills with this capture the flag activity.
Read More
Article

ISC2 CGRC domain #7: Continuous monitoring

Learn about domain 7 of the Certified in Governance, Risk and Compliance certification — continuous monitoring.
Read More
Article

ISC2 CGRC domain #6: Authorization and approval of information system

Learn all about CGRC domain 6, Authorization, and how to prepare for the certification exam.
Read More
Article

Understanding hackers: The 5 primary types of external attackers

In order to defend, it’s important to understand who the attacker is and what motivates them.
Read More
Article

ISC2 CGRC domain #5: Assessment and audit of security and privacy controls

Look at some of the most important facts about domain 5 of the CGRC exam and how they relate to real-world applicability and usefulness.
Read More
Article

Cybersecurity Weekly: Mitigating ransomware risks, new iOS privacy report and privacy predictions for 2022

Balancing people, skills & technology to reduce risk, iPhone offers new transparency into app data and predictions for 2022 privacy concerns. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

DEATHNOTE: 1 VulnHub CTF walkthrough

Complete this capture the flag challenge to increase your cybersecurity skills.
Read More