Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

CRISC Domain #2 - IT Risk Assessment

Learn all about the IT risk assessment portion of the Certified in Risk and Information System Control certification.
Read More
Article

DARKHOLE: 1 VulnHub CTF Walkthrough

In this article, we will solve a capture the flag challenge ported on the Vulnhub platform.
Read More
Article

CRISC Domain #1 - Governance

Earning a CRISC certification shows that you know how IT risk impacts an organization.
Read More
Article

R-TEMIS: 1 VulnHub CTF walkthrough

In this article, we will solve a Capture the Flag (CTF) challenge posted on Vulnhub.
Read More
Article

Average CSSLP Salary in 2021

Find out what someone with the Certified Secure Software Lifecycle Professional credential can earn.
Read More
Article

SOC 3 compliance: Everything your organization needs to know

Learn about SOC 3 compliance, how it differs from SOC 1 and SOC 2, and how to prepare for a SOC 3 audit.
Read More
Article

Learn the 3 pillars of cyber security risk management and leadership

Cyber security leaders and those in cyber security risk management need to follow three pillars to successfully add value to an organization.
Read More
Article

Red teaming tutorial: Active directory pentesting approach and tools

Organizations widely use Microsoft Active Directory (AD) networks to exchange information and manage their internal and critical infrastructures.
Read More
Article

SOC 2 compliance: Everything your organization needs to know

Learn about SOC 2 compliance, how it differs from SOC 1 and SOC 3, and how to prepare for an SOC 2 audit.
Read More
Article

Application security: Is AppSec the right career for you?

Application security covers various roles, including engineers, managers, analysts, consultants and more. Find out if AppSec is the career for you.
Read More
Article

Cybersecurity Weekly: REvil shuts down, PowerShell flaw, iOS 15 hacked

REvil ransomware shuts down again after Tor sites were hijacked. Microsoft asks admins to patch PowerShell to fix WDAC bypass. Experts hacked a fully patched iOS 15 running on an iPhone 13. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

SOC 1 compliance: Everything your organization needs to know

Learn about SOC 1 compliance, how it differs from SOC 2 and SOC 3, and how to prepare for a SOC 1 audit.
Read More
Article

Cybersecurity professionals share career advice in celebration of Cybersecurity Career Awareness Week

Happy Cybersecurity Career Awareness Week! In celebration of what is arguably the best week of the year, we’re sharing advice for starting or advancing your cybersecurity career from a variety of cybersecurity practitioners.
Read More
Article

Best CDPSE study resources and training materials

Discover the best CDPSE study resources available to help you demonstrate knowledge in the three work-related CDPSE domains.
Read More
Article

HACKABLE: II CTF Walkthrough

In this article, we will solve a Capture the Flag (CTF) challenge posted on Vulnhub.
Read More
Article

Online certification opportunities: 4 vendors who offer online certification exams [updated 2021]

Introduction With most of the workforce working from home these days due to COVID-19, you may be wondering if it is possible to earn a certification or two
Read More
Article

Overview: Understanding SOC compliance: SOC 1 vs. SOC 2 vs. SOC 3

Service providers may need SOC compliance to stay competitive. Learn about the various types of SOC compliance and which to pursue.
Read More
Article

Best CSSLP study resources and training materials

Here are the best CSSLP study resources and training materials available to help you master the eight CSSLP CBK domains.
Read More
Article

JavaScript and web development are key skills for security pros, says Vladimir de Turckheim

JavaScript is one of the most commonly used coding languages in web development. Learn how it can benefit your IT and cybersecurity career.
Read More
Article

Top 30 most exploited software vulnerabilities being used today

Learn more about the 30 exploits most often used in 2020 and 2021.
Read More
Article

Red Team tutorial: A walkthrough on memory injection techniques

Memory injection is a stealthy technique generally used to bypass defenses and inject additional payloads into a PE file or shellcode memory.
Read More
Article

Threat intelligence researcher: Is it the career for you?

The best way to stop a threat is to understand it. That's what cyber threat intelligence is all about. See if it's a good skill set for your career.
Read More
Article

MOMENTUM: 1 VulnHub CTF walkthrough

Take this capture-the-flag activity for a spin for an easy to medium challenge.
Read More
Article

The ransomware paper (part 1): What is ransomware?

Ransomware is everywhere, but it’s not always understood. Keatron Evans breaks down the ransomware fact and fiction based on insights from the trenches.
Read More