Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

U.S. federal agency hack and the return of FakeCalls Android malware

Cybercriminals use an old software bug to hack a U.S. federal agency, FakeCalls Android malware returns with new capabilities and Samsung Exynos chipset flaw
Read More
Article

Secure cloud computing: What you need to know

APT groups are behind recent ransomware campaigns. Learn five ways you can prevent your organization from becoming the next victim.
Read More
Article

Security engineer: Degree vs. certification

Everyone loves the versatility of a jack-of-all-trades. Be it the functionality of a Swiss Army knife, the variety of an all-you-can-eat buffet or the flavor
Read More
Article

Massive AT&T data breach and fake jobs targeting security researchers

AT&T data breach exposes 9 million user accounts, North Korean adversaries target security researchers with fake job offers and the IceFire ransomware. C
Read More
Article

How to configure a network firewall: Walkthrough

Learn the basics of configuring a network firewall in this episode of Cyber Work Applied featuring Infosec Skills author Mike Meyers.
Read More
Article

Top 5 security engineer resume tips

The role of cybersecurity engineer The cybersecurity engineer role has been around for decades and is constantly evolving. You'll want to keep your resume c
Read More
Article

Cybersecurity engineer: CyberSeek

For many in the cybersecurity field and those considering cybersecurity as a career focus, the most coveted position is cybersecurity engineer. Cybersecurity
Read More
Article

Top 10 security engineer interview questions and answers

Cybersecurity engineers must deal with high-pressure situations while remaining calm and knowledgeable — and sometimes, this extends to the interview itself!
Read More
Article

U.S. Marshals service breach and TPM 2.0 security flaws

Hackers steal sensitive data from U.S. Marshals Service systems, TPM 2.0 security flaws could allow cybercriminals to steal cryptographic keys and the MQsTTa
Read More
Article

How to set up a phishing attack with the Social-Engineer Toolkit

See a live demo of a phishing attack using the Social-Engineer Toolkit and learn how cybercriminals are using AI to make them more effective.
Read More
Article

Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional

Shaz Baig, an Accelerate Scholarship winner, veteran, and cybersecurity professional, shares his keys to success in the field and his goals for the future.
Read More
Article

Security engineer certifications

It may be a bit counterintuitive to say this, but cybersecurity engineers, also known as security engineers, are not the only people looking for or needing c
Read More
Article

Top 5 things you must know to pass the AWS Security Specialist exam

Learn what to study to pass the AWS Security Specialist exam!
Read More
Article

Dangerous ChatGPT apps and food giant Dole ransomware attack

Cybercriminals use fake ChatGPT apps to spread Android and Windows malware, novel S1deload stealer hijacks social media accounts and the Activision data brea
Read More
Article

Extortion: How attackers double down on threats

You’ve just been breached or threatened with a cyberattack. Now comes a new extortion demand. Learn how these extortion attacks work.
Read More
Article

Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk

Cyber Work Podcast host Chris Sienko shares insights from December 2022 episodes, including Intelligence-led pentesting, the US Cyber Games and data/security/cloud skills
Read More
Article

GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware

GoDaddy reveals a security breach led to malware on customer sites, Cloudflare mitigates record-breaking HTTP DDoS attack and the WhiskerSpy backdoor. Catch
Read More
Article

Advanced adversary tactics and defense evasion: Lab and walkthrough

Learn how advanced persistent threat groups use defense evasion to remain undetected in this walkthrough with Keatron Evans.
Read More
Article

Working across multiple cloud service providers: CSP security learning path

Cloud, misconfiguration and learning to work across multiple cloud service providers as a cloud security engineer.
Read More
Article

Cybersecurity in Biden’s era

With President's Day here, the 18th nationally appointed cybersecurity awareness month behind us, and Joe Biden's presidency at its midpoint—let’s review how
Read More
Article

Cloud security engineer interview questions and answers

Learn all about the cloud security engineer role.
Read More
Article

Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware

Hackers phish Reddit employees to steal internal documents, North Korean hackers extort healthcare firms and the custom Screenshotter malware. Catch all this
Read More
Article

Privilege escalation via cross-site scripting: Lab and walkthrough

Learn how threat actors use MITRE ATT&CK® persistence techniques to maintain a foothold in an environment. Then try the techniques yourself.
Read More
Article

4 network utilities every security pro should know: Video walkthrough

When can a certain network utility do the most good for you? Learn how and when you can use Ping, Netstat, Traceroute and ARP in this video.
Read More