Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every month!

View Results
Filter Results
Webinar & video

CSAM 2021 — Your Guide to the Perfect Awareness Campaign

Security awareness, Best practices
Cybersecurity Awareness Month is approaching fast! We’re here to help you launchyour most successful awareness campaign yet.
Watch now
Poster, infographic & tool

Cybersecurity Awareness Month Toolkit

Phishing, Security awareness
Ready for Cybersecurity Awareness Month? Get everything you need to jumpstart awareness at your organization and instill secure habits.
Whitepaper & report

Cybersecurity Culture — Quantified

Security awareness, Cybersecurity
See the data on the most overlooked variable in security and learn how to measure your organization's cybersecurity culture.
Webinar & video

CISA Resources to Reduce Ransomware Risk | Infosec Edge Webcast

Security awareness, Best practices, Cybersecurity
Join the CISA team as they discuss the state of ransomware, prevention guidance and free tools to help you reduce risk.
Watch now
Webinar & video

CMMC rollout: How CMMC will impact your organization | Infosec Edge Webcast

Professional development, Compliance, Cybersecurity, Certification
More than 300,000 organizations will be affected by the new CMMC Framework. Learn how your organization will be affected.
Watch now
Webinar & video

Infosec IQ instant demo: Cybersecurity for every employee

Phishing, Security awareness
Learn how Infosec IQ can help educate and empower your employees to be one of your greatest cybersecurity assets in this instant demo.
Watch now
Webinar & video

Infosec Skills instant demo: Close your team’s skills gap

Professional development, Best practices, Threat intel, Cybersecurity, Certification
Learn how Infosec Skills can help close your organization’s cybersecurity skills gap in this instant demo.
Watch now
Poster, infographic & tool

Infosec Skills course catalog

Professional development, Cybersecurity, Certification
Infosec Skills keeps your team's security skills fresh year-round with hundreds of courses mapped to the NICE Cybersecurity Workforce Framework.
Poster, infographic & tool

ROI of Security Awareness Calculator

Security awareness
Download our free calculator, input your organization's costs and measure your return on security awareness training.

4 network utilities every security pro should know

Professional development, Cybersecurity
Command line utilities are useful in a variety of scenarios. Learn how, and when, you can use Ping, Netstat, Traceroute and ARP.
Watch Now
Webinar & video

CompTIA Network+: Everything you need to know about the new exam

Professional development, Certification
CompTIA's Network+ certification is getting an update in September 2021. Learn how the new exam is changing, and why, from CompTIA's Randall Edwards.
Watch now

Episode 200 extravaganza! Best of the Cyber Work Podcast (and $1,000 in prizes!)

Professional development, Security awareness, Best practices, Threat intel, Cybersecurity, Certification
PLEASE NOTE: Around minute 47, I incorrectly say that Eric Milam, author of the definitive report on the BAHAMUT threat group, is employed by HP. He is, in fact, employed by Blackberry. I sincerely apologize to Mr. Milam for the error.

In this special episode, we look back at how the show has evolved over the past three years and celebrate our amazing guests and viewers. You've helped grow the Cyber Work Podcast to nearly a million plays!

To give back, we're launching a brand new way for EVERYONE to build their cybersecurity skills. It's free. It's hands-on. Oh, and did we mention there's more than $1,000 in prizes EVERY MONTH.

Huge thank you to all the past guests who shared their expertise over the past 200 episodes. The timings of everyone in this episode are listed below. Happy listening!

0:00 - Intro
0:42 - Monthly challenges and $1,000 in prizes!
1:30 - Cyber Work Podcast origins
2:32 - First episode with Leighton Johnson
3:16 - Finding our first guests
3:46 - Keatron Evans on incident response
6:54 - Susan Morrow on two-factor authentication
8:54 - Susan Morrow on GDPR
11:03 - Susan Morrow on "booth babes" and speaking up
13:20 - Alissa Knight on getting arrested for hacking at 17
16:39 - Alissa Knight on API security
19:14 - Ron Gula on cybersecurity challenges
23:23 - Amber Schroader on the real work of digital forensics
26:19 - Theme of the Cyber Work Podcast
27:01 - Jeff Williams on creating the OWASP Top Ten
31:23 - David Balcar on the biggest APTs
33:46 - Elie Bursztein on breaking into cybersecurity
37:37 - Sam King on AppSec frameworks and analysis
41:17 - Gary DeMercurio on getting arrested for red teaming
47:19 - Eric Milam on the BAHAMUT threat group
53:39 - Feedback from Cyber Work Podcast listeners
55:16 - Alyssa Miller on finding your career path
57:24 - Amber Schroader on computer forensics tasks
59:07 - Richard Ford on malware analyst careers
1:02:02 - Career action you can take today
1:02:19 - Rita Gurevich on reading and learning
1:03:20 - Snehal Antani on transitioning careers
1:04:26 - Promoting underrepresented voices
1:05:09 - Mari Galloway on women in cybersecurity
1:05:31 - Alyssa Miller on diversity "dog whistles"
1:10:11 - Christine Izuakor on creating role models
1:10:52 - We want to hear your story
1:11:40 - Monthly challenges and outro
Listen now

How to use Nmap and other network scanners

Professional development, Cybersecurity
What's on your network, or someone else's? Use free network scanning tools like Nmap, Zenmap and advanced port scanner and find out.
Watch Now

How to excel at penetration testing | Cyber Work Podcast

Professional development, Cybersecurity
Gemma Moore of Cyberis Limited talks about her incredible pentesting career and shares her advice for aspiring pentesters. She also discusses security as it regards the human cost of social engineering, which is the title of a recent article Gemma wrote.

0:00 - Intro
5:26 - Becoming a world-class pentester
13:55 - 2004 pentesting versus now
17:25 - Early years of pentesting
19:30 - Natural skills to be a pentester
23:12 - Advice for aspiring pentesting
25:50 - Working in pentesting
27:50 - Red teaming
31:08 - How to be a great pentester
33:04 - Learn about CREST
36:13 - What should be on my resume?
37:45 - Cyberis Limited
40:25 - Diversity and inclusion
43:42 - The human cost of social engineering
50:06 - Training staff positively
52:54 - Current projects
54:20 - Outro
Listen now

Becoming an ethical hacker with Offensive Security CEO Ning Wang | Cyber Work Podcast

Professional development, Cybersecurity, Certification
Ning Wang of Offensive Security talks to us about her role as CEO of Offensive Security. In her role she is responsible for the company culture, vision, strategy and execution. We talk about Wang’s cybersecurity journey, her direction at OffSec and the ways that white hat hackers can be recruited into the industry, possibly riding the interest of big news-story hacking events like the Colonial Pipeline hack to do so.

0:00 - Intro
2:21 - Origin story
5:31 - Changing careers
7:46 - Skills learned throughout Wang’s career
11:46 - Taking a chance on a new career
12:50 - What is Offensive Security?
16:19 - Try harder mindset
19:42 - Offensive Security certification
23:02 - Recruiting ethical hackers
28:12 - Civic responsibility
33:10 - Ethical hacking job specialties
36:49 - Tips for ethical hacking learners
40:09 - Women in cybersecurity
43:56 - Offensive Security’s future
46:35 - Feedback from students
48:11 - Learn more about Wang OS
48:48 - Outro
Listen now

How to use Wireshark for protocol analysis

Professional development, Best practices, Compliance, Cybersecurity
Learn how to analyze network traffic with the free protocol analyzer Wireshark and sniffing tool tcpdump. Then try it yourself!
Watch Now

Consumer protection careers: Fraud, identity theft and social engineering | Cyber Work Podcast

Phishing, Security awareness, Cybersecurity
Adam Levin of CyberScout talks to us about scams, identity theft and more across the cybersecurity industry from the 1970s until today. He also tells us about his podcast, What the Hack with Adam Levin, which is focused on hacking, fraud and theft.

0:00 - Intro
3:01 - Origin story
7:07 - Bank safety in the old days
8:02 - Fraud and scams over the years
9:27 - Tactics today
13:15 - Scam experiences
14:33 - Scam embarrassment and stigma
18:17 - What the Hack podcast
20:22 - A taste of What the Hack
21:28 - How do you pursue stories for the podcast?
25:38 - How do you structure episodes?
26:44 - Humor in cybersecurity environment
28:43 - Work from home balance
30:25 - What is hot in fraud right now
36:50 - Credit reports
38:28 - Consumer protection and fraud careers
42:53 - Cyber savvy countries
44:31 - Predictions on fraud evolution
48:26 - Benefit to nationwide education?
50:42 - Optimism for security education
52:26 - Find out more about What the Hack
52:58 - Outro
Listen now

How to become a cybersecurity threat intelligence professional | Cyber Work Podcast

Professional development, Cybersecurity
Neal Dennis of Cyware talks to us about building a collective defense via increased threat intelligence sharing in the global security community. Dennis has worked with customer success and clients, helping them map out new intelligence workflows, and has also built out several intelligence analysis programs for Fortune 500 companies. Neal started his career as a SIGINT specialist while serving in the United States Marine Corps and later supported cyber initiatives for USCYBERCOM, STRATCOM, NSA, 24th Air Force, USAF Office of Special Investigations and JFCC-NW.

0:00 - Intro
2:10 - Origin story
3:57 - Military and linguistics influence
6:10 - Work in counterintelligence
8:51 - Digital forensics work
11:02 - Changes in open-source intelligence work
13:00 - Building a global defensive network
15:46 - Why aren’t we sharing info?
18:41 - How to implement global changes?
23:42 - Areas of friction for sharing
29:15 - Threat intel and open-source intel as a job
32:55 - Do research analysis
35:03 - Hiring outlook
37:15 - Tell us about Cyware
39:38 - Learn more about Dennis and Cyware
40:06 - Outro
Listen now

Password security: Using Active Directory password policy

Professional development, Best practices, Compliance, Cybersecurity
How do you enforce a secure password policy? Learn how to implement Windows local and group password policies in this episode.
Watch Now

Tips on entering blue teaming, red teaming or purple teaming | Cyber Work Podcast

Professional development, Cybersecurity
Snehal Antani joins us from to talk about pentesting, red teaming and why not every vulnerability necessarily needs to be patched. He also shares some great advice for people entering the field.

0:00 - Intro
2:12 - Origin story
4:12 - Using your hacking powers for good
7:14 - Working up the IBM ranks
12:18 - Cloud problems
14:25 - Post-IBM days
16:50 - Work with the DOD
20:33 - Why did you begin
24:38 - Vulnerabilities: not always exploitable
29:46 - Strategies to deal with vulnerabilities
33:36 - Sensible use of a security team
35:29 - Advice for red and blue team collaboration
39:14 - Pentesting and red teaming career tips
41:12 - Demystifying red and blue team
45:40 - How do you become intensely into your work
47:24 - First steps to get on your career path
49:49 - How to learn more about
50:42 - Outro

About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at
Listen now
Webinar & video

ISACA career path: The highest paying certifications in the industry | Infosec Edge Webcast

Professional development, Cybersecurity, Certification
Learn about four of the most in-demand and highest-paying certifications — CISA, CISM, CRISC and CGEIT — with average salaries ranging from $103,000 to $133,000, according to Payscale.
Watch now

CMMC is coming: Here’s what cybersecurity professionals need to know | Cyber Work Podcast

Professional development, Compliance, Cybersecurity, Certification
Frank Smith joins us from Ntiva to talk about the new Cybersecurity Maturity Model Certification (CMMC), organizations achieving Level 1 and Level 3 maturity levels, and why CMMC is so important for government contractors. Plus he discusses security for federal entities and how to get started in a career in cyber compliance by becoming a Certified CMMC Professional (CCP) or Certified CMMC Assessor (CCA).

0:00 - Intro
2:11 - Origin story
4:17 - Key projects to climb the work ladder
6:45 - An average work day
9:30 - Cybersecurity Maturity Model Certification
16:38 - CMMC over five years
17:30 - Which level of certification will you need?
19:00 - Level 3 versus level 1 certification
22:20 - Finding your feet by 2022
23:55 - Jobs to take in first steps toward compliance officer
27:27 - Benefits of CMMC for other roles
28:44 - Experiences to make you desirable as a worker
31:55 - Imperative to locking down infrastructure
37:58 - Ntiva
39:47 - Outro
Listen now

Identification, authorization and authentication

Professional development, Cybersecurity
Someone's trying to gain access, but are they who they say they are? That's what the different methods of identification are all about.
Watch Now

Red teaming: The fun, and the fundamentals | Cyber Work Live

Professional development, Cybersecurity
Learn what it’s like to do good by being bad. The idea of breaking into a company, by hook or by crook, attracts all sorts of would-be secret agents. But what is red teaming really like as a job? What are the parameters, what are the day-to-day realities and, most importantly, what is hands-off in a line of work that bills itself as being beyond rules?

Join a panel of past Cyber Work Podcast guests:

– Amyn Gilani, Chief Growth Officer, Countercraft
– Curtis Brazzell, Managing Security Consultant, GuidePoint Security

Our panel of experts have worked with red teaming from a variety of positions and will answer your questions about getting started, building your skills and avoiding common mistakes.

0:00 - Intro
2:34 - Favorite red team experiences
7:57 - How to begin a cybersecurity career
14:42 - Ethical hacking vs pentesting
18:29 - How to become an ethical hacker
23:32 - Qualities needed for red teaming role
29:20 - Gain hands-on red teaming experience
33:02 - Supplier red team assessments
37:00 - Pentesting variety
46:22 - Becoming a better pentester
52:12 - Red team interview tips
56:00 - Job hunt tips
1:01:18 - Sponsoring an application
1:02:18 - Outro
Listen now