Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Cyber threat analysis [updated 2021]

Learn about what a cyberthreat is.
Read More
Article

PMP Domain #1: People [updated 2021]

The Project Management Professional (PMP) certification has undergone some changes to its domains of knowledge, including Domain #1 - People
Read More
Article

Cybersecurity Weekly: Ryuk ransomware, U.S. pipeline outage, Chrome privacy update

A Ryuk ransomware attack was sprung by a frugal student. The U.S. declares a state of emergency after ransomware hits their largest fuel pipeline. Google Chrome's new privacy feature restricts online user tracking. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

The OSCP certification and exam [updated 2021]

For a career in information technology that encompasses defensive and offensive roles, you might want to consider becoming an Offensive Security Certified Pr
Read More
Article

Cybersecurity project manager: Is it the career for you?

What experience and skills do you need to become a cybersecurity project manager? Is it the perfect role for you? Find out!
Read More
Article

Insider threat report: Tesla employee thwarts $1 million bribery attempt

Tesla’s near insider threat situation response is a good model to follow if faced with a similar situation.
Read More
Article

Two ways to build a cybersecurity team using the NICE Framework

Using the NICE Framework for Cybersecurity will help you structure your team against cyberthreats.
Read More
Article

Sparrow.ps1: Free Azure/Microsoft 365 incident response tool

Sparrow is a powerful tool used for detecting malicious activities in Azure and Microsoft Office 365.
Read More
Article

VMware vCenter vulnerability: Inside a critical remote code execution flaw

We dive into this remote code execution vulnerability, highlighting the most important details of this flaw.
Read More
Article

Cybersecurity Weekly: SonicWall zero-day, Experian leak, Python vulnerability

Hackers exploit a SonicWall zero-day bug in ransomware attacks. An Experian API exposed the credit scores of most Americans. Python was impacted by a critical IP address validation vulnerability. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

The top 10 highest-paying jobs in information security in 2021

Want to earn more money? Here are the highest paying cybersecurity and information security jobs for 2021.
Read More
Article

Smart Toys and Their Cybersecurity Risks: Are Our Toys Becoming a Sci-Fi Nightmare? [updated 2021]

As smart toys get more advanced, they bring more cybersecurity risk with them.
Read More
Article

Top 7 malware sample databases and datasets for research and training

Research malware with these top-of-the-line malware sample databases and datasets.
Read More
Article

Cybersecurity is a public health crisis, so why don’t we treat it that way?

What can cybersecurity learn from data and guidance around public health? We break down Adam Shostack’s call to action for a cyber public health framework.
Read More
Article

Top 10 most in-demand cybersecurity skills for 2021

What cybersecurity skills are best for your career? We collected 10 of the most in-demand areas requested by employers.
Read More
Article

5 reasons to implement a self-doxxing program at your organization

Performing self-doxxing at your organization can help you better understand your organization’s risk — and where you are most vulnerable.
Read More
Article

CGEIT Frequently Asked Questions (FAQ) [updated 2021]

Introduction The Certified in Governance of Enterprise IT certification (CGEIT) is a vendor-neutral IT governance certification hosted by ISACA that may hel
Read More
Article

Cybersecurity Weekly: Geico data breach, SonicWall under attack, Twitter email

A Geico data breach exposed customers' driver's license numbers. Zero-day flaws in the SonicWall email security tool are under attack. Twitter accidentally sends suspicious emails asking to confirm accounts. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

How To Become CGEIT Certified – Certification Requirements [updated 2021]

Introduction Those working in enterprise IT governance, compliance and risk management may want to earn the Certified in Governance of Enterprise IT certifi
Read More
Article

What is homomorphic encryption?

Homomorphic encryption is a good way to safely run and store data in the cloud, and is on the way to becoming the standard for cloud-based data storage.
Read More
Article

6 most sophisticated phishing attacks of 2020

2020 saw a number of major phishing attacks — and an increase in the attacks. Here are some of the most sophisticated phishing attacks of the year.
Read More
Article

Man-in-the-middle attack: Real-life example and video walkthrough

Is your web browsing private, or is a man in the middle looking at everything you do? Learn how to set up a MITM attack in this video walkthrough.
Read More
Article

Odin 1: VulnHub CTF walkthrough

This VulnHub capture the flag (CTF) from user y0usef is for entry-level users looking to get experience obtaining root access of a machine and read the flag
Read More
Article

Cryptocurrency Enforcement Framework: Impacts on digital forensic investigations

A new Cryptocurrency Enforcement Framework was recently released. Learn how it may impact cryptocurrency, cybersecurity and digital forensics investigations.
Read More