Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

ISC2 CGRC domain #4: Implementation of security and privacy controls

Learn about domain 4 of the ISC2 Certified in Governance, Risk and Compliance certification.
Read More
Article

MONEY HEIST: 1.0.1 VulnHub CTF walkthrough

Take on this medium difficulty capture the flag to gain some cybersecurity experience.
Read More
Article

How To Earn CRISC CPE Credits [updated 2022]

Learn how to earn Continuing Professional Education (CPE) credits for the CRISC certification here.
Read More
Article

CRISC Frequently Asked Questions (FAQ) [updated 2022]

Find the answers to some of the most frequently asked questions about the CRISC examination.
Read More
Article

Want to improve the security of your application? Think like a hacker

Explore the assumptions you’ve made about your application, and try to get the system to respond in ways it isn’t supposed to.
Read More
Article

Nine tips for CRISC exam success [updated 2022]

These are some of the most popular and best tips for successfully taking the CRISC exam.
Read More
Article

Cybersecurity Weekly: Threat advisories, passwords, people and the next generation of secure developers

Researchers find 850,000 fake e-commerce accounts, using people as your secret weapon against cybercrime and creating the next generation of secure developers. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

CMMC is a culture shift: Is your organization ready?

The CMMC is more than just implementing security controls; it is about establishing a security-minded organizational culture.
Read More
Article

Certified in Risk & Information Systems Control (CRISC) Exam Overview [updated 2022]

Find out all the ins and outs of the CRISC examination so you can be better prepared to succeed.
Read More
Article

HACKADEMIC: RTB1 VulnHub CTF walkthrough

Take on this capture the flag challenge to gain cybersecurity experience.
Read More
Article

How to become CRISC Certified - Certification Requirements [updated 2022]

Learn what you need to do to earn the CRISC certification.
Read More
Article

Maintaining Your CRISC Certification: Renewal Requirements [updated 2022]

Find out what you need to do to renew your CRISC certification.
Read More
Article

5 problems with securing applications

For many companies, getting started on securing their application is riddled with logistical and practical challenges.
Read More
Article

Common CRISC Job Titles [updated 2021]

Find out what kind of career you can have if you acquire the CRISC certification.
Read More
Article

Cybersecurity Weekly: The worst hacks of 2021, security of smart devices and zero-day exposures

Recapping the worst hacks of 2021, securing all the new smart devices and holiday gifts and a 4-year-old vulnerability that could expose passwords, access tokens and more. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

DOUBLETROUBLE 1 VulnHub CTF walkthrough, part 3

Enhance your cybersecurity skills by completing this capture the flag challenge.
Read More
Article

DOUBLETROUBLE 1 VulnHub CTF walkthrough, part 2

Test your cybersecurity skills with this capture the flag challenge.
Read More
Article

Why you should build security into your system, rather than bolt it on

When you postpone security until later in the software development process, that delay costs you enormously in obvious and unexpected ways.
Read More
Article

Splunk: An easy tool for cybersecurity professionals to monitor threats

Gina Napier, who teaches the Infosec Skills Splunk learning path, discusses the value Splunk can bring to organizations concerned with cybersecurity.
Read More
Article

ISC2 CGRC exam details and process

The Certified in Governance Risk and Compliance certification proves that you have risk management skills.
Read More
Article

Cybersecurity Weekly: CISA 2022 compliance, Cyber pirates and Joker Malware

CISA details 2022 compliance requirements, cyber pirates draw concern for renewable energy and a malicious app in the Play Store. All this, and more, in this
Read More
Article

Free Cybersecurity and Infrastructure Security Agency (CISA) ransomware resources to help reduce your risk

Learn about the free ransomware tools that CISA provides that you can use to reduce risk within your organization.
Read More
Article

DOUBLETROUBLE 1 Vulnhub CTF Walkthrough Part 1

We will solve a capture the flag (CTF) challenge which was posted on Vulnhub.
Read More
Article

Using Laravel: Don’t overlook security says Infosec Skills author Aaron Saray

Laravel allows users to build websites and applications faster than ever, says Aaron Saray, CEO of Morebetterfaster.io and Infosec Skills author.
Read More