Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

5 ways to prevent APT ransomware attacks

APT groups are behind recent ransomware campaigns. Learn five ways you can prevent your organization from becoming the next victim.
Read More
Article

Federal privacy and cybersecurity enforcement — an overview

Learn a quick overview of the federal government’s privacy and cybersecurity laws.
Read More
Article

Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity

How VetsInTech helped a career Army medic achieve his goal of becoming a cybersecurity professional and his advice for other veterans
Read More
Article

The ultimate guide to DoD 8570 certification and compliance

Everying you need to know about the Department of Defense's 8570 Directive.
Read More
Article

How does hashing work: Examples and video walkthrough

What is password hashing? Infosec Skills author Mike Meyers explains how a hash works and demonstrates common hashing use cases.
Read More
Article

4 mistakes every higher ed IT leader should avoid when building a cybersecurity awareness program

Education was the most hacked sector last year. Learn how to build an effective higher ed security awareness program — and what mistakes to avoid.
Read More
Article

Data storage security isn't working: Here are 5 ways to improve

Data storage and backup systems are far more insecure than other IT systems, research says. Here are five ways to improve their security.
Read More
Article

DevSecOps Tools of the trade

Dig into the DevSecOps tools, including Source Composition Analysis and Static Analysis Security Testing, used in cybersecurity work.
Read More
Article

Password security: Using Active Directory password policy

Learn how to implement password security policies using Active Directory in this walkthrough from Infosec Skills author Mike Meyers.
Read More
Headshot of Infosec scholarship winner Kandice Kucharczyk Article

Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high

Infosec scholarship winner Kandice Kucharczyk was mentored by CISA’s director, Jen Easterly, who helped her set her ambitions higher.
Read More
Article

Software dependencies: The silent killer behind the world's biggest attacks

Why software dependencies represent a risk to virtually all software projects.
Read More
Article

How AsyncRAT is escaping security defenses

Learn more about the popular and dangerous AsyncRAT malware.
Read More
Article

Protect your data with zero-trust networks

83% of former employees retain access to one or more of your company's accounts. It's past time to use a zero-trust network to ensure your data stays safe.
Read More
Article

How Zoom is being exploited for phishing attacks

Learn how easy it is to create a Zoom phishing email in this episode of Cyber Work Applied with Infosec Principal Security Researcher Keatron Evans.
Read More
Article

Introduction to DevSecOps and its evolution and statistics

Learn about the growth of DevSecOps and key statistics associated with it for 2022.
Read More
Article

3 cybersecurity automation tools that your IT department needs now

IT departments are understaffed and overworked. Cybersecurity automation tools relieve staff, increase security efficiency and meet compliance standards.
Read More
Article

Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]

Patrick Lane breaks down four CompTIA cybersecurity certifications: Security+, CySA+, PenTest+ and CASP+. Which one is right for you?
Read More
Article

How to use Nmap and other network scanners

Learn how to use free network scanning tools like Nmap, Zenmap and Advanced Port Scanner in this episode of Cyber Work Applied.
Read More
Article

How to crack a password: Demo and video walkthrough

Infosec Skills author Mike Meyers shows just how easy it is to use a brute-force attack or a password dictionary attack to crack a password.
Read More
Article

How to become a security engineer: Training, certifications and resources

Explore the best training, certifications and resources to help you become a security engineer!
Read More
Article

Security engineer career path: A complete overview

Read More
Article

How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career

Gaurav Panta, a VetsInTech student, was able to transition to a career in technology from the U.S. military with a Security+ certification.
Read More
Article

SSCP Certification: Overview and Career Path

Find out if the Systems Security Certified Practitioner certification is right for your career.
Read More
Article

Inside Equifax's massive breach: Demo of the exploit

The Equifax data breach affected nearly half of the U.S. population. In this episode of Cyber Work Applied, see how the attack actually happened.
Read More