Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Hacking tools: Reverse engineering

Reverse engineering refers to the duplication of another producer's product following a thorough examination of its construction or composition. It involves
Read More
Article

How to Develop an Incident Response Plan in 9 Simple Steps

Introduction Developing an incident response (IR) plan is not an easy task that can be accomplished in a day. It is a process that requires thought and seve
Read More
Article

Autopsy Computer Forensics Platform Overview

Autopsy: a platform overview Autopsy is the graphical user interface (GUI) used in The Sleuth Kit to make it simpler to operate, automating many of the proce
Read More
Article

Computer Forensics Code of Ethics

Computer Forensics Code of Ethics ensures fairness and integrity An important aspect of most professional associations is its code of ethics. A code of ethic
Read More
Article

Computer Forensics Roles and Responsibilities

These days cops might be trolling for bad guys online in a chat room as often—maybe even more often—than chasing them down a back alley. Although there’s sti
Read More
Article

Security+: Account Management Best Practices (SY0-401) [DECOMMISSIONED ARTICLE]

NOTE: This article reflects an older version of the Security+ Exam – please see the current Security+ Certification page for the most up-to-date information.
Read More
Article

Meltdown and Spectre Patches: a story of delays, lies, and failures

The beginning On January 3, white hackers from Google Project Zero have disclosed some vulnerabilities in Intel chips called Meltdown (CVE-2017-5754) and Spe
Read More
Article

E-Discovery and Computer Forensics – How are They Different?

Introduction to E-Discovery E-discovery is the procedure by which parties involved in a legal case collect, preserve, review and exchange information in elec
Read More
Article

Overview of Computer Forensics Linux Distributions

What is a Live CD? A live CD/DVD/Disk contains a complete bootable Operating System that runs in a computer’s memory, rather than loading from the hard disk.
Read More
Article

11 Points to Consider When Virtualizing Security

Virtualized computing resources can save organizations money, but awareness of the security implications must be to the fore in any discussion As the name su
Read More
Article

5 social media site privacy issues you should worry about

I recently took my Amazon Alexa device to a friend’s home so they could see what I had been going on about for months. The friend and her husband, both mille
Read More
Article

5 Easy Ways to Protect Your Small Business from Phishing Attacks

Your business is vulnerable to phishing attacks, no matter what size it is. According to the 2016 State of SMB Security Report, half of the 28 million small
Read More
Article

Phishing Attacks in the Shipping Industry

Introduction The good old email is still the cybercriminals’ most preferred avenue for unauthorized access to your technological (and other) assets. As many
Read More
Article

Phishing Attacks in the Recreation Industry

Introduction When it comes to phishing schemes, the world of recreation may appear safer than more finance-oriented pursuits like banking, cloud storage, and
Read More
Article

Phishing Attacks in the Manufacturing Industry

Introduction In the second quarter of 2017, the manufacturing industry was the most targeted by cyber-attacks, with 24% of attacks globally, according to NNT
Read More
Article

DNS hacking (beginner to advanced)

DNS is a naming system for computers that converts human-readable domain names e.g. (infosecinstitute.com) into computer-readable IP-addresses. However, some
Read More
Article

Creating an API authenticated with OAuth 2 in Node.js

In the second part of the Securing Web APIs series, we are going to shed light on the OAuth authorization framework and we are going to build a simple API wi
Read More
Article

Security+: Cryptography Concepts (SY0-401) [DECOMMISSIONED ARTICLE]

NOTE: This article reflects an older version of the Security+ Exam – please see the current Security+ Certification page for the most up-to-date information.
Read More
Article

Necurs: World’s Largest Botnet

This article examines what is touted to be the world's largest botnet known as "Necurs," focusing on the following: How Necurs stands out from other botnets
Read More
Article

Computer crime investigation using forensic tools and technology

As more and more users go mobile and utilize interconnected devices, computers are often at the center of incidents and investigations. Evidence for discussi
Read More
Article

Password cracking using Cain & Abel

According to the official website, Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of p
Read More
Article

Hacking tools: Web application hacking tools

Certain tools are essential if you want to hack a web application. Knowledge is key in everything, and this involves hacking. To hack websites as well as web
Read More
Article

How to Become an Information Systems Security Auditor

Cybercrime numbers never fail to impress. According to Ponemon’s 2017 Cost of Cyber Crime Study, the number of security breaches increased over 27% in 2017.
Read More
Article

Five standardization bodies security professionals need to know

Standardization bodies are organizations that exist specifically for developing, coordinating, promoting and interpreting technical standards. As with an
Read More