Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Fast-growing field of DevSecOps is opportunity for IT pros

DevSecOps is a cultural shift in the way software is brought to market. Learn how to bake security into software as it’s being developed.
Read More
Article

A full analysis of the BlackMatter ransomware

Learn how the BlackMatter malware works, about its presence on the dark web, and how to prevent the threat from affecting you.
Read More
Article

Infosec Inspire 2021 Inductee Josh Hamit: A security career full of hustle and humility

2021 Infosec Hall of Fame Inductee Josh Hamit's career is full of hustle and humility, which now allows him to give back to the community that shaped him.
Read More
Article

Infosec Inspire 2021 Hall of Fame Inductee: Lili-Ann Mitchell

Lili-Ann Mitchell is a security veteran with 25 years working in incident response. She is a strong advocate of making security more effective through collab
Read More
Article

Homeland Security's Cyber Talent Management System (CTMS)

Find out all you need to know about the Department of Homeland Security's Cyber Talent Management System.
Read More
Article

Cybersecurity awareness: What it is and how to start

What is cybersecurity awareness and how can it help keep your organization safe from cyberattacks? Infosec CEO Jack Koziol explains.
Read More
Article

FUNBOX: SCRIPTKIDDIE VulnHub capture the flag walkthrough

In this article, we will solve a Capture the Flag (CTF) challenge posted on the VulnHub website.
Read More
Article

Infosec Inspire 2021 Inductee Sal Salisbury: A career and life of resilience and perseverance

Sal Salisbury, a 2021 Infosec Hall of Fame inductee, has served his country in more ways than one, always dedicated to helping others grow in the industry.
Read More
Article

The most common cyber threats facing SMBs and how to prevent them

SMBs have been hammered by cybercrime this year. Good security practices and training are crucial to keep them safe.
Read More
Article

HMS: 1 VulnHub CTF Walkthrough

In this article, we will solve an easy capture-the-flag challenge posted on the Vulnhub platform.
Read More
Article

CMMC-AB code of professional conduct: What you need to know

The CMMC-AB code of professional conduct consists of guiding principles to help professionals navigate the challenges ahead.
Read More
Article

Security a top priority for Java developers, says Infosec Skills author Larry Ricker

Java is the programming language that makes thousands of applications and websites work seamlessly. Learn how to secure it.
Read More
Article

PrintNightmare CVE vulnerability walkthrough

We explore the local privilege escalation flaw from the Print Spooler service.
Read More
Article

Building your FedRAMP certification and compliance team

How to build a FedRAMP certification and compliance team at your company.
Read More
Article

Cybersecurity Weekly: Babuk decryptor, QR codes in phishing attacks, cloud supply chain threat

Avast released a free decryptor for Babuk ransomware. QR codes help attackers sneak emails past security controls. The SolarWinds attacker targets cloud service providers in a new supply chain threat. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

Inside 1,602 pentests: Common vulnerabilities, findings and fixes

Learn about the major findings of Cobalt’s The State of Pentesting 2021 report
Read More
Article

DR4G0N B4LL: 1 VulnHub CTF Walkthrough

In this article, we will solve a capture the flag (CTF) challenge posted on Vulnhub.
Read More
Article

How to transform compliance training into a catalyst for behavior change

Learn how Inflection Point Systems transformed compliance-first training into a catalyst for employee behavior change.
Read More
Article

PYLINGTON 1: VulnHub CTF Walkthrough

In this article, you will solve a capture the flag (CTF) challenge posted on Vulnhub.
Read More
Article

CRISC Domain #4 - Information Technology and Security

Explore domain #4 of the CRISC certification exam, Information Technology and Security, and recent changes to the CRISC job practice.
Read More
Article

A full analysis of Horus Eyes RAT

Malware and trojan bankers, in particular, are the most critical and emergent threats observed during this last decade.
Read More
Article

CRISC Domain #3 - Risk Response and Reporting

Find out the details of domain #3 of the CRISC certification exam, Risk Response and Reporting.
Read More
Article

HTML5 security skills last a lifetime for developers and cybersecurity pros

HTML5 is the backbone of modern websites and web applications. Learning HTML5 security gives IT and cybersecurity pros a lifetime of valuable skills.
Read More
Article

Critical software security guidance issued by NIST

Explore the five best practices in cybersecurity risk mitigation for all organizations based on NIST's Security Measures for EO-Critical Software Use.
Read More