Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Identity Management Solutions

Identity management as a platform is an emerging branch of Information security. Top vendors such as Microsoft, IBM, and Oracle have taken serious plunges in
Read More
Article

Anatomy of a Risk Assessment

To an organization that is serious about security and wants to identify the most efficient way to invest in security solutions, a risk assessment is absolute
Read More
Article

Anti-debugging: Detecting system debugger

In the previous tutorial, we've talked about techniques that harden the reverse engineering of the executable and then we looked at anti-debugging techniques
Read More
Article

Unpacking, reversing, patching

This article is an introduction of packing, how to unpack, to reverse an exe and finally patching it. I have chosen to show reversing of a sample exe file an
Read More
Article

Implementing Secure Software Development Program – Part 3

Background: In the previous parts we covered the approach for implementing Secure SDLC (S-SDLC) and Gap Analysis. In this part we are going to cover Roa
Read More
Article

Object Oriented Programming in C#.net

OOP's overview Object-oriented programming is the core ingredient of the .NET framework. OOP is so important that before embarking on the road to .NET, you
Read More
Article

Cyber-espionage: The greatest transfer of wealth in history

Introduction In recent months, the world-wide security community has discovered many cyber espionage campaigns that hit governments, intelligence agencies an
Read More
Article

IDA Pro Configuration Options

Configuration Files We know that some of the Ida's settings are saved in the .idb archive database files, but are not actually persisted across global Ida se
Read More
Article

Cryptography 101 with SSL

To Start With Whenever you are connecting to a site via HTTPS, the complete session is encrypted and all the application data is sent over a secured encrypte
Read More
Article

IDA Pro: IDC, SDK and Remote Debugging Overview

In this article, we won't be going too deep into Ida scripting. Instead, we'll present what an IDC is and how it can be used to enhance the capabilities of I
Read More
Article

Facebook malware: How do they work, how to protect yourself against them and what to do if you get infected

1. Introduction Social media's history precedes the 21th century and ever since then malevolent people have attempted to infiltrate the computers of innocen
Read More
Article

Implementing Secure Software Development Program

Background: This article follows my earlier one: "Secure Software Development Life Cycle" (from now on referenced as S-SDLC), being one Implementation of th
Read More
Article

Secure code review: A practical approach

This article is about different code review techniques and their application in the real world What you will learn What is secure code review and how to
Read More
Article

Protecting yourself from Social Engineering Attacks

Due to technical advances in today's society, traditional boundaries, borders and personal privacy have been redefined. This has resulted in a new freedom of
Read More
Article

Facebook Hacker Cup 2013 Qualification Round: Beautiful strings

Here's my follow-on to the Facebook Hacker Cup. Yesterday, I told you about my take on the Balanced Smileys puzzle. Today, we'll discuss the easiest challeng
Read More
Article

Introduction to secure software development life cycle

The objective of this article is to introduce the user to Secure Software Development Life Cycle (will now on be referenced to as S-SDLC). There are multiple
Read More
Article

Social Media use in the Military Sector

Introduction Social media has assumed a fundamental role in today's society. It is a technology with the highest penetration level, as billions of people are
Read More
Article

MetaData and Information Security

Information security and penetration testing is not limited to find the vulnerabilities on the website and network; it is an interesting profession that cove
Read More
Article

Linux Hardening

This article aims to provide a general list of security issues that should be considered when you are auditing a Linux system or when you are hardening an ex
Read More
Article

Android Application Assessment

In this article, we'll discuss THE steps involved in performing A security assessment of an Android based application. We will see the use of various tools a
Read More
Article

The Basics of ASP.NET

Introduction In this article we'll talk about unicode support in various elements of the HTTP protocol, but first let's say a few words about HTTP. We won't
Read More
Article

CompTIA Security+: SY0-301 Study Guide excerpt

NOTE: This article reflects an older version of the Security+ Exam – please see the current Security+ Certification page for the most up-to-date information.
Read More
Article

Invoking Article 51 (self-defense) of the UN Charter in Response to Cyber Attacks – II

Cyber attacks through the perspective of the armed attack notion A cyber attack cannot rise to the level of an armed attack as prescribed in Article 51 "bec
Read More
Article

Introduction to Blackberry Balance Technology

Blackberry is known for its email and security rather than a company which produces fancy mobile phones. This is one of the reasons why Blackberry is preferr
Read More