Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Hackers Selling Healthcare Data in the Black Market

With the drastic increase in Cyber Crime, the healthcare industry is a potential target for data hungry hackers. Patient safety may not directly relate to da
Read More
Article

Securing Cookies Using HTTP Headers

In the previous articles in this series on defending against web attacks using HTTP headers, we have seen the usage of X-Frame-Options and X-XSS-Protection h
Read More
Article

Interview: Chris Camejo, Director of Assessment Services for NTT Com Security

Chris Camejo, Director of Assessment Services for NTT Com Security (formerly Integralis), comes from a technical assessment background, having personally coo
Read More
Article

NodeJS Security for Beginners

Introduction: NodeJS is an extremely powerful and lightweight technology, which is being widely adopted. Just like any other technology sometimes developers
Read More
Article

5 Reasons Your Business Needs a Data Recovery Partner

Have you considered a data recovery partner to help your business or client in the event of a data emergency? While not every business owner may have thought
Read More
Article

Cyber savvy? Take a Quick Security Awareness Quiz to Find Out

So you think you are cyber-savvy knowledgeable in the cyber security risks you face every day in the digital world? Take this quick security quiz and find ou
Read More
Article

Maligno: An Open Source Pentesting Tool

Today I want show you a new tool that could help in your penetration testing activity. Maligno is an open source penetration-testing tool under the FreeBSD l
Read More
Article

Playing Hide-and-Seek with Metadata

We often go on at length about master data, reference data and hierarchies. After all, we discover and analyze these datasets, avoid duplicating them, insist
Read More
Article

Rootkits: Kernel Mode

We have learned in part one of this series about the Rootkits and how they operate in User Mode; in this part of the series we will up the ante and look at t
Read More
Article

Are You InfoSec Geek Enough? Take This Quiz and Let’s See What You Got!

I have prepared a simple quiz for you guys out there who are brave enough to test if you really are a certified InfoSec geek. Take note of the questions sinc
Read More
Article

35 Awesome InfoSec Influencers You Need to Follow

I would like to share some security researchers and information security professionals you might have missed following. I think they deserve credit and some
Read More
Article

Rootkits: User Mode

In this article, we will learn about what rootkits are and how they operate. The focus will be on two types of Rootkits exploits: User Mode & Kernel Mode
Read More
Article

Interview: Steve Lufkin, CEO of Vantix Diagnostics

Steve Lufkin is CEO of Vantix Diagnostics, a ground-breaking healthcare technology platform that runs the most common blood tests providing results instantly
Read More
Article

15 Must Have Books for InfoSec Enthusiasts and IT Security Professionals

Aside from security articles, podcasts and videos, books are great resources for developing new skills, improving one's career growth, and gaining extensive
Read More
Article

Lessons from Deficient Java Applet-based Authentication

Java Applets are bytecodes that are delivered via the browser, and executed using the Java Virtual Machine (JVM) at the client-side. Java Applets can access
Read More
Article

Animal Farm APT and the Shadow of French Intelligence

Babacar and Casper Almost every government is working to improve its cyber-capabilities. The majority of them already have in their arsenal powerful espionag
Read More
Article

HTTP/2: Enforcing Strong Encryption as the De Facto Standard

HTTP Protocol, which serves as the communication channel for HTTP requests and responses on the Web, has received its first major revision since introduction
Read More
Article

Insecure Data storage with NoSQL Databases

In one of our previous articles, we discussed how Android applications could be vulnerable to insecure data storage. This is a follow-up article to that, as
Read More
Article

How to Deal with Reverse Domain Name Hijacking

1. Introduction The fact that one owns a trademark which is identical or confusingly similar to a domain name does not necessarily mean that she is entitled
Read More
Article

MOOSE Malware: Analysis

Part One of this series was a very basic level, and had only thrown light on what Moose Malware actually is, as well as its components and related IoC's. In
Read More
Article

Social Engineering - A Case Study

In this article, I am going to illustrate a real life social engineering hack that I did for my friend. He saw some property ads online; he filled out the qu
Read More
Article

The Top Five Cyber Security Vulnerabilities

Introduction In the last weeks, the hack of the Federal Office of Personnel Management (OPM), apparently tied to Chinese sponsored hackers, raised the discus
Read More
Article

Win32/Lethic Botnet Analysis

Introduction Lethic is a spam botnet consisting of an estimated 210 000 - 310 000 individual machines which are mainly involved in pharmaceutical and replica
Read More
Article

Office 365 Compliance Matrix

When people find out what I do for a living, they often ask if I think the Cloud is secure. We’ve written about this before and my response is along the line
Read More