Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Infosec Skills author Vladimir de Turckheim explains the importance of hands-on Node.js security experience

There is a hands-on experience gap in traditional security education. Hands-on experience not only helps in developing transferable skills but also builds on problem-solving abilities.
Read More
Article

Infosec Skills author Matthew Campagnola is forging a new path in ICS security

"I coalesce broad themes that I've had to embody over the past couple of years. The course crosses a lot of different areas, and they're very broad, but that's deliberate." 
Read More
Article

BAHAMUT: Uncovering a massive hack-for-hire cyberespionage group

Introduction In October 2020, the BlackBerry Research Operations team released a comprehensive report highlighting the reach, tradecraft and sophisticated t
Read More
Article

Ask us anything about developing security talent and teams (session #2)

Organizations of all sizes continually struggle to address modern-day cybersecurity talent supply and demand disparities. Thankfully, there are experts out t
Read More
Article

Top five open source intelligence (OSINT) tools [updated 2021]

In this article, we will look at the top five open-source intelligence tools.  Before we jump directly into the tools, it is essential to understand what
Read More
Article

Ask us anything about security awareness, behavior & culture (session #2)

It is vital that cybersecurity programs find a balance between securing the operations that their businesses rely on and enabling them to work effectively. A
Read More
Article

RansomExx: The malware that attacks Linux OS

RansomExx is the new malware used by criminals to attack both Windows and Linux environments. With companies using a mixed environment of Windows and Linux s
Read More
Article

Protocol analysis using Wireshark

Protocol analysis is examination of one or more fields within a protocol’s data structure during a network investigation. Understanding the bits and pieces o
Read More
Article

Wireless analysis

In this article, we will discuss how to perform wireless analysis, specifically on Wi-Fi networks. We will perform active packet capturing by using an extern
Read More
Article

How to use Microsoft DirectAccess

When you are physically located at an organization's site, it is relatively straightforward to present users with an experience that is consistent across the
Read More
Article

Influencing security mindsets to build a culture of cybersecurity

Cybersecurity specialists aren’t the only people who play an indispensable role in protecting businesses from cyberattacks. Every employee who uses the inter
Read More
Article

How to protect a Windows 10 host against malware

Contrary to popular belief, malware is not a Space Cowboy costume — that would be "Mal Wear." Malware is the shortened form of "Malicious Software", a term t
Read More
Article

Gamification — Cybersecurity’s turn to play

Games are everywhere, but is there room for gamification in the workplace — especially when it comes to vital business functions like security awareness and training?
Read More
Article

Log analysis

Log analysis counts for a lot in an investigation, and this article provides a gentle introduction to log analysis. Log analysis is exactly what it sounds li
Read More
Article

Network security tools (and their role in forensic investigations)

The effectiveness of network forensics is closely related to the network security tools used in an organization. We have covered common enterprise security s
Read More
Article

Developing security talent and teams: A roundtable discussion

During the Infosec Inspire Cyber Skills Summit, we had the chance to gain valuable insights on developing talent from a panel of leading cybersecurity profes
Read More
Article

Sources of network forensic evidence

One of the key aspects of any successful forensic investigation is the evidence collection phase. Identifying the sources of evidence while investigating an
Read More
Article

Linux security and APTs: Identifying threats and reducing risk

Introduction Think your Linux system is immune to malware? Well, think again. Advanced attack groups have sophisticated PHP rootkits, web shells, exploit co
Read More
Article

Unpatched address bar spoofing vulnerability impacts major mobile browsers

Introduction A number of web browsers have been affected by an address bar spoofing vulnerability that could lead to malware infections and successful spear
Read More
Article

Network Security Technologies

Knowledge of various network security technologies greatly aid in Network Forensic Investigations. This article outlines some network security technologies t
Read More
Article

Infosec Skills author teaches people-process-technology approach for "secure software development"

"Technology is as good as the processes implemented around it, and processes are as good as the people who execute them, so never stop learning, "John said.
Read More
Article

Infosec Skills author Joseph South found "love at first sight" in cybersecurity

"I'm not teaching you different theories of how you would penetrate a network based on some book written by someone that hasn't done it in 10 years," he said. "I'm teaching you things that I did last week at work that are working."
Read More
Article

Hack the Box (HTB) machine walkthrough series: Vault

Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named V
Read More
Article

Flip the funnel: Fixing the cybersecurity talent pipeline challenge

Organizations of all sizes are dealing with a critical challenge: the demand for cybersecurity talent continues to grossly outpace the supply of available an
Read More