Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

How to hack mobile communications via Unisoc baseband vulnerability

This vulnerability allows attackers can neutralize communications in a specific location.
Read More
Article

Fileless malware uses event logger to hide malware

Learn about a fileless malware that is “taking advantage of Windows event logs to stash chunks of shellcode for the first time in the wild.”
Read More
Article

Infosec Skills August Challenge

Join the quest for new skills, bragging rights and over $1,000 in prizes. Each month, we’ll release a brand new challenge. Can you complete it?
Read More
Article

Today’s IT job market: Beyond fear, uncertainty and doubt

You may have heard some buzz about layoffs in the cybersecurity sector. Let's look at what's really going on in the job market.
Read More
Article

Capture: Improve IoT firmware security with new firmware architecture

In this article, we shall discuss what Capture is and discuss how its application can benefit both IoT device owners and IoT device vendors.
Read More
Article

How learning to be "Always Flexible" helped a Marine in earning the Security+ certification

Semper Gumby.  Almost as synonymous with the Marine Corps as its official motto of Semper Fidelis, the mantra of staying “Always Flexible,” as the bendabl
Read More
Article

Nerbian RAT Using COVID-19 templates

Nerbian RAT has been spreading by taking advantage of Covid19 email templates containing a Microsoft Word attachment with malicious macros inside.
Read More
Article

Popular evasion techniques in the malware landscape

This article compiles some of the evasion strategies used by malware users in the wild.
Read More
Article

Third-party authentication (OAuth): Good or bad for security?

How does third-party authentication work and what happens if social media login fails?
Read More
Article

Two basic actions that reduce enterprise cyber risk by 60%

Recent events have increased the likelihood of at cyber-attacks against critical infrastructure. Here are two things to reduce your risk.
Read More
Article

How to use the MITRE ATT&CK Matrix for Enterprise: Video walkthrough

Learn how to effectively use the MITRE ATT&CK matrix and develop your and your security team’s cybersecurity skills.
Read More
Article

4 key takeaways from the 2022 Verizon DBIR report

Here's what cybersecurity professionals need to know about the latest version of the Verizon Data Breach Investigations Report (DBIR).
Read More
Article

A DevSecOps process for ransomware prevention

Ransomware is possibly the most severe cybersecurity threat facing organizations today. There are multiple attack vectors. One of the ways ransomware infects
Read More
Article

How to learn and pass your next certification exam

What do you want to learn next? Where do you want to be in the next six months or year? Use these learning tips to help hit your goals.
Read More
Article

SOC analyst salary: Entry, mid and senior analysts’ earnings in 2022

A security operations center (SOC) analyst’s job is to monitor an organization’s IT infrastructure for potential threats. These professionals usually work as
Read More
Article

Four examples of human error in cybersecurity — and how to fix them

What kind of human errors cause cybersecurity risks to increase, and how can you stop them?
Read More
Article

How PCI DSS acts as an (informal) insurance policy

The Payment Card Industry Data Security Standard, or PCI DSS, is a set of measures designed to help protect customers’ data and reduce credit card fraud.
Read More
Article

Top 7 tools for intelligence-gathering purposes

Experts can often collect significant artifacts related to the authors behind the analyzed scenarios during cybersecurity exercises, including details such a
Read More
Article

Sunnyday ransomware analysis

Get up-to-the-minute facts about Sunnyday ransomware, which has been infecting users since March 2022.
Read More
Article

SOC analyst career path: Job description, levels and career progression

A high-level overview of the SOC analyst career path and the responsibilities, skills and experiences required to successfully perform at each level.
Read More
Article

Five ethical decisions cybersecurity pros face: What would you do?

Some examples of ethical dilemmas faced by cybersecurity professionals: What would you do?
Read More
Article

CompTIA A+ domain 9: Operational procedures — What you need to know for the exam

Learn what you need to know to prepare for CompTIA A+ Domain 9: Operational Procedures
Read More
Article

CompTIA A+ renewal process [2022 update]

Learn the why, when and how of renewing your A+ certification.
Read More
Article

CompTIA A+ domain 1: Mobile devices — What you need to know for the exam

Get to know domain 1 of the A+ certification exam to help you prepare for your exam.
Read More