Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Top tools for red teaming

Explore several of the top tools used for red teaming.
Read More
Article

FINDING MY FRIEND: 1 VulnHub CTF Walkthrough - Part 1

As per the description given by the author, there are four flags in this CTF that needs to capture to complete the challenge. Pre-requisites would be knowled
Read More
Article

Intrusion detection software best practices

Learn intrusion detection systems fundamentals and some of the best practices behind maintaining and tuning them.
Read More
Article

What is intrusion detection?

Gain fundamental knowledge of intrusion detection and learn why it's crucial for network and endpoint security.
Read More
Article

HOGWARTS: DOBBY VulnHub CTF Walkthrough

Solve a capture the flag (CTF) challenge that was posted on Vulnhub.
Read More
Article

Looking to the future: A CISOs biggest challenges

Find out what some of the biggest challenges are for a CISO.
Read More
Article

CompTIA PenTest+ certification exam: Overview of domains

Learn about what is covered by the five domains of the CompTIA PenTest+ examination
Read More
Article

Log4j vulnerability explained: Zero-day attacks and how to contain them

The Log4j zero-day vulnerability continues to be exploited by malicious actors. Learn why, and what it takes to stop a potential exploit.
Read More
Article

The 7 steps of ethical hacking

To beat hackers at their own game, you need to think like them.
Read More
Article

Modus operandi of BlackByte ransomware

Learn about BlackByte, a data encryption malware targeting various organizations.
Read More
Article

Cybersecurity Weekly: 2022 email security trends, vulnerabilities in WordPress plugin and resources from CISA

Predicting 2022 email security trends, vulnerabilities detected in popular WordPress plugin and cybersecurity resources. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

Reducing cybersecurity risks with strong awareness reporting

With increasing cyberattacks and data breach costs, Infosec experts provide concrete ways to improve the impact of your cybersecurity awareness program.
Read More
Article

Will immersive technology evolve or solve cybercrime?

Immersive technology like virtual reality and augmented reality can be used for cybersecurity training and exploited by threat actors.
Read More
Article

Passwords and people: Your secret weapons against cybercriminals

Passwords and people continue to be low-hanging fruit for both organizations and cybercriminals. According to Verizon’s 2021 Data Breach Investigations Repor
Read More
Article

Vendor-specific versus vendor-neutral: Best cybersecurity certifications

Confused about vendor-neutral vs. vendor-specific IT and cyber security certifications? We break them down in detail.
Read More
Article

PenTest+ certification job titles and career outlook

Find out what your career outlook is like and what jobs you can get with a PenTest+ certification.
Read More
Article

Emotet malware returns

Learn about the main features introduced by criminals into this new Emotet release, how it is being disseminated and practical measures to avoid malware in general.
Read More
Article

What is penetration testing, anyway?

The most commonly referenced type of security testing is “penetration testing.” That has become a catchall term, and, unfortunately, it’s misleading. 
Read More
Article

Red Teaming: Persistence Techniques

Let's explore some of the most popular persistence techniques used during red teaming assessments.
Read More
Article

Cybersecurity Weekly: Framing security with leadership, ransomware advisories continue and biological models for cybersecurity predictions.

Showing the corporate board why cybersecurity is mission-critical, CISA, FBI and NSA add additional ransomware advisories and biology-based models to increase security protections. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

EMPIRE: LUPINONE VulnHub CTF Walkthrough, Part 2

In the previous part of the CTF, we began completing the capture of the flag.
Read More
Article

Collaboration is key: IBM and Booz Allen Hamilton weigh in on attracting and retaining cyber talent

Learn about some of the best ways to keep your worker pool full of talented individuals.
Read More
Article

Finding the right MSSP for securing your business and training employees

To learn more about the value MSSPs should and can bring to the table, I spoke with Frank Rauch and Shay Solomon at Check Point Software Technologies.
Read More
Article

Laravel authorization best practices and tips

Learn best practices for authorization in Laravel, such as only authorizing against permissions, not roles.
Read More