Security Training
Explore 19 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.
A security awareness platform that combines phishing simulations with employee training to reduce organizational risk from email-based attacks.
A list of vulnerable applications for testing and learning
Deliberately vulnerable web application for security professionals to practice attack techniques.
IT certification training for CompTIA exams with free resources.
The best security training environment for Developers and AppSec Professionals.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
A wargame composed of 27 levels, with files needed in /vortex/ directory.
GRFICS is a graphical realism framework for industrial control simulations using Unity 3D game engine graphics to enhance ICS security training.
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
An open-source phishing toolkit for businesses and penetration testers.
Free training sessions on Reverse Engineering, Malware Analysis, and Exploit Development.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
CloudGoat is a 'Vulnerable by Design' AWS deployment tool for honing cloud cybersecurity skills through 'capture-the-flag' style scenarios.
A wargaming network for penetration testers to practice their skills in a realistic environment.
A platform for creating and managing fake phishing campaigns to raise awareness and train users to identify suspicious emails.
SANS Institute provides cyber security training, certifications, and degrees to empower cyber security practitioners and teams.