Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

How Red Teaming and Blue Teaming Complement Each Other

Red teaming and blue teaming are two different strategies for performing assessments of an organization’s cybersecurity. In this article, we will discuss the
Read More
Article

Everything You Need To Know About Red Teaming in 2018

Introduction An old military saying states that in a long-running conflict, the opposing parties eventually adopt similar tactics. Well, if there is a long-s
Read More
Article

The Center for Internet Security (CIS): Top 20 Critical Security Controls

Introduction The cyber-threat landscape is constantly changing on a daily basis. Each cyberattack seems to get worse, more sophisticated and even more covert
Read More
Article

CPNI (Customer Proprietary Network Information) Overview and Key Takeaways

Introduction In the United States, we have a communications infrastructure that is actually quite complex. For instance, not only do the traditional landline
Read More
Article

What Are the Benefits of C-TPAT in 2018?

Introduction The need to maintain safe and secure logistics and supply chain channels is receiving a lot of importance and attention worldwide. Once such leg
Read More
Article

What Does It Mean to Be DFARS-Compliant in 2018?

Introduction In the cyber-threat landscape of today, the hacker is out to get all sorts of information and data and to exploit it for malicious purposes. For
Read More
Article

How to create an employee cybersecurity awareness strategy

We live in a digital era where sensitive information, digital networks and critical infrastructures are all susceptible to cyberthreats. We only need to look
Read More
Article

Breaking Down Drive-By Phishing Attacks

For the past decade, drive-by download attacks have been the bane of organizations’ IT department. These occur when adversaries place malicious Trojans insid
Read More
Article

How to create a human firewall: Top 7 elements required for success

A robust security system contains more than just hardware or software; there must always be a “wetware” (aka human) defense element as well. A so-called “hum
Read More
Article

6 Ways to Improve Your Business Endpoint Protection

As companies continue to decentralize, adding offices as well as remote workers, threats to the security of their data are increasing drastically. Add the in
Read More
Article

5 endpoint threats impacting security

Endpoint threats pose serious security risks to many organizations. Companies are reporting attacks ranging from ransomware to phishing attacks. These attack
Read More
Article

The Evolution of Endpoint Security – Changing with the Currents

Introduction Traditionally, endpoint servers within organizations were managed by IT departments to contain endpoint security. But with the constant changes
Read More
Article

The Changing Landscape of Endpoint Security: What You Need to Know for 2018

Endpoint security doesn't always get the same attention as or share the high profile of network and Internet security, but that doesn't diminish its importan
Read More
Article

What a security auditor needs to know about privacy compliance

Constant changes in the regulatory environment are putting more pressure on organizations to get data security and privacy right. Some regulations require au
Read More
Article

What Your Compliance Officer Should Know About Privacy

As the prevalence of digital technologies grows, compliance becomes a more vital part of how organizations do business. Compliance has become a relevant conc
Read More
Article

Penetration testing: maintaining access

Once a pentester manages to gain access to the target system, he should work hard to keep his boat afloat, metaphorically speaking. He can choose either to u
Read More
Article

Top 5 Web Application Security Scanners of 2018

Intro to Web Application Security Scanners Web application plays an important role in an organization and possesses a great impact and gateway to organizatio
Read More
Article

Security Awareness: A Core Competency for K-12 Students

Today’s youth spend more time than ever before online. Like learning to lock the front door behind you, security awareness training at an early age helps transform a behavioral concept into a habit. Our FREE K-12 awareness training series includes three fun security awareness training modules, with a fourth on the way to encourage the next generation to consider career paths in cybersecurity.
Read More
Article

GoldenEye 1: CTF walkthrough, part 1

In this article we will attempt a capture-the-flag (CTF) challenge called “GoldenEye 1.” This CTF was posted on VulnHub by the author Creosote. Per the descr
Read More
Article

Wakanda1 CTF walkthrough

In this article, we will learn to solve a Capture the Flag (CTF) challenge which was posted on VulnHub by xMagass. According to the information given in the
Read More
Article

CVE-2018-11776 RCE Flaw in Apache Struts Could Be Root Cause of Clamorous Hacks

CVE-2018-11776 RCE in Apache Struts At the end of August, maintainers of Apache Struts released security updates for the Apache Struts 2 open-source developm
Read More
Article

How to Use Biometrics in Logical Access Entry

Introduction Biometrics is another security technology which is used to confirm the identity of an individual. The tools utilized can do this either by takin
Read More
Article

Security Awareness & Training for Small Business

While it’s the attacks on well-known companies that make the headlines, the threat is just as worrying for small businesses. And the problem is made worse by
Read More
Article

15 Ways to Secure Your Business Wi-Fi

Top 15 Business Wi-Fi Tips 1. Change the SSID This one might not sound like a big deal, but it can make it a lot harder for a would-be attacker to gain acces
Read More