Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Cybersecurity Weekly: Gift card scams, IKEA breached, cyber knowledge gaps

New twists on gift card scams flourish on Black Friday. IKEA was hit by a cyber attack that uses stolen internal reply-chain emails. Cybersecurity knowledge gaps at any level of the organization pose security risks. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

THOTH TECH 1: VulnHub CTF Walkthrough

Test out this capture the flag (CTF) to strengthen your cybersecurity skills.
Read More
Article

How to build a proactive incident response plan

The average cost of a data breach is now $4.24 million. A proactive incident response plan is crucial to help organizations mitigate that risk.
Read More
Article

Top tools for mobile iOS assessments

Find a list of tools used during red teaming assessments to audit and ensure the security of mobile iOS applications.
Read More
Article

Consent phishing: How attackers abuse OAuth 2.0 permissions to dupe users

What is consent phishing? How are cyberattackers using a standard protocol, OAuth 2.0, to gain access to user data even if it is robustly protected?
Read More
Article

Why recent cyberattacks are shining a spotlight on the state of cybersecurity today

Cybersecurity issues are plaguing organizations large and small today, and it's a technical and personnel issue.
Read More
Article

Engineering personality analysis from machine learning

From social media to eye movement to handwriting, there are numerous ways to uncover your personality traits — and for cybercriminals to exploit them.
Read More
Article

FUNBOX UNDER CONSTRUCTION: VulnHub CTF Walkthrough

This capture the flag (CTF) will be an easy challenge for you to test your skills out. It's perfect for those looking for an easy challenge.
Read More
Article

Cybersecurity Weekly: Palo Alto bug, Robinhood breach, Costco finds card skimmer

A zero-day bug was found in Palo Alto firewalls using GlobalProtect portal VPN. A Robinhood data breach exposes 7 million users' information. Costco discloses a data breach after finding a credit card skimmer. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

Redline stealer malware: Full analysis

In recent months, a recent piece of malware dubbed Redline has been distributed and gaining traction on Russian underground forums.
Read More
Article

CGRC certification job titles and career outlook

Find out the job titles and career outlook for those with a Certified in Governance, Risk and Compliance certification.
Read More
Article

CRISC Resources [updated 2021]

If you want to have a career in IT risk management, the CRISC certification might be right for you.
Read More
Article

CRISC: Exam details & process [updated 2021]

Learn about what you need to know when taking the CRISC exam.
Read More
Article

Red Team: C2 frameworks for pentesting

Find out some of the most used C2 post-exploitation frameworks for pentesting and much more.
Read More
Article

Maintaining your CGRC certification: CPE and renewal requirements

Learn how to maintain your Certified in Governance, Risk and Compliance certification.
Read More
Article

Hackable ||| VulnHub CTF Walkthrough Part 1

In this article, we will solve a capture the flag (CTF) challenge posted on the VulnHub website.
Read More
Article

CRISC: Overview of domains [updated 2021]

Find out what the Risk and Information Systems Control certification is all about.
Read More
Article

Adding cybersecurity services: 5 things MSPs need to know

Organizations are increasingly turning to Managed Service Providers (MSPs) to provide security services. Here are five tips to help MSPs do so effectively.
Read More
Article

This scholarship winner reveals the secrets to cybersecurity success

In an era of unforeseen uncertainty, Infosec Accelerate Scholarship winner Steff Allen finds himself more sure about his career choice than ever.
Read More
Article

This scholarship winner prides herself on interdisciplinary experience

For Infosec Accelerate Scholarship winner Rachel Jones, a career in cybersecurity has never looked more promising.
Read More
Article

JETTY: 1 VulnHub CTF Walkthrough

In this article, we will solve a capture the flag (CTF) challenge posted on Vulnhub.
Read More
Article

Infosec Inspire 2021 Inductee Jayce Hill provides security for Fortune 500 companies

Learn how Jayce Hill began working for Microsoft and providing cybersecurity to companies like Toshiba.
Read More
Article

Customer data protection: A comprehensive cybersecurity guide for companies

Looking for advanced cybersecurity strategies? Here is a comprehensive guide on how to develop a cybersecurity plan for enhanced data security.
Read More
Article

Cybersecurity Weekly: Ransomware training, holiday package phishing attack, $10 million DarkSide bounty

Should companies subject employees to ransomware-specific security training? Tis the season for the wayward package phish. The U.S. puts a $10 million bounty on DarkSide ransomware hackers. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More