FreeCourse
CourseraSelf-pacedNewly added
Welcome to the RecertHero soft launch!
Submit bugs, feature requests, and feedbackISC2 · Self-paced
Self-paced opportunities that count toward CISSP renewal — on-demand courses, video lessons, and self-study tracks you can finish on your own schedule. RecertHero estimates the CPE value of every opportunity, so you can plan toward the 120 CPEs CISSP requires every 3 years — without re-keying each entry into ISC2's portal.
52 results mapped to CISSP, soonest first.
Cyber threats present a constant challenge today, costing billions and affecting everyone, from governments to small businesses. Are you ready to contribute to the solution? This course will provide you with a deep understanding of cybersecurity principles, industry standards, regulations, and audit processes. You will explore the fundamental concepts of information security and compliance, covering topics such as governance, risk, compliance, cybersecurity frameworks, and process management. You will also learn about IT service management and explore the NIST risk management framework and AI ethical considerations. You will gain insights into cybersecurity laws and regulations, focusing on both US and global perspectives, including HIPPA, GDPR, and PCI DSS. Additionally, you will familiarize yourself with the audit processes using the COBIT framework and SOC reports. You will also explore prominent standards such as OWASP, ISO, and IEEE, learning how to apply them effectively. Throughout this five-module self-paced course, you will engage in interactive activities to apply your knowledge in real-world scenarios. You will also complete a final project to test your skills and showcase your understanding. Join us on this cybersecurity journey!
AI Best Practices — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
Large Scale Enterprise Computing powers all major transactions, and the Mainframe is responsible for 87% of all credit card transactions and enables 71% of all Fortune 500 companies. Mainframes are fundamental on how we do business, and IBM Z is the only production mainframe sold today. Virtually everyone depends on it. This is your introduction to the hardware, operating systems, security, and features that make this possible. On successful completion of this course, learners are eligible to earn their Introduction to Enterprise Computing badge. More information can be found here: https://www.youracclaim.com/org/ibm/badge/introduction-to-enterprise-computing
This program equips cybersecurity professionals, IT teams, and system administrators with the foundational knowledge and practical skills needed to identify, analyze, and remediate vulnerabilities across modern enterprise environments. You’ll start by understanding the vulnerability assessment lifecycle, exploring how weaknesses emerge in networks, systems, and web applications, and learning the principles behind risk, exposure, and exploitability. Next, you’ll dive into hands-on vulnerability assessment techniques, using tools such as Nmap, Nikto, and open-source scanners to perform host discovery, service enumeration, and web application checks. You’ll learn how to validate findings, classify severity using structured scoring methods, and document vulnerabilities effectively for organizational reporting. You’ll then advance into vulnerability management, where you’ll design patching workflows, apply configuration hardening practices, automate remediation tasks, and perform post-fix validation. You will also learn how to build governance processes, track metrics, and create dashboards that support long-term risk reduction and audit readiness. By the end of this program, you will be able to: - Explain the core concepts of vulnerability assessment and the full assessment lifecycle. - Distinguish between vulnerabilities, threats, risks, and exploits in enterprise environments. - Conduct network and web vulnerability scans using open-source tools such as Nmap and Nikto. - Validate scan results, classify vulnerabilities, and prioritize remediation using risk-based scoring. - Implement patch management, configuration hardening, and automated remediation techniques. - Design and document a vulnerability management program aligned with governance requirements. - Create consolidated reports and dashboards to track vulnerabilities and support compliance. This course is designed for cybersecurity engineers, SOC analysts, network administrators, DevOps practitioners
Multi-course professional certificate program on edX. Self-paced with verified certificate option. Visit the program page for full curriculum, institution, and pricing details.
Advanced Cyber Threat Intelligence 2020 07 09 — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
This course is ideal for individuals with a basic understanding of digital technology as well as developers or security professionals wishing to expand their blockchain knowledge. It provides a comprehensive introduction to the world of blockchain technology. We will delve into the core principles of blockchain, exploring the critical decision-making processes involved in adopting this innovative technology. This course offers an overview of various blockchain platforms, hosting decisions, associated technologies, and the key development languages used. An important aspect of this course will be the introduction to the concept of consensus mechanisms and their integral role in maintaining the integrity of the blockchain. By the end of this course, you will be able to: - Describe how blocks are chained together - Compare and contrast Pure versus Hybrid blockchains - List the blockchain layers and describe what each of them does - Describe the difference between on-chain and off-chain data storage - Determine the right language and tools based on the blockchain platform and use case - Describe the Byzantine Generals Problem - Explain the blockchain trilemma - Explain how cryptography, consensus, and immutability enhance blockchain security
This course is designed for intermediate-level learners who want to enhance their security skills in Android development. Participants will analyze the structure of Android memory and evaluate its defenses against exploitation, including understanding pointers and their role in buffer overflow exploits. The course covers various types of overflows, mitigation techniques, and specific vulnerabilities such as the Stagefright buffer overflow. In addition to exploitation techniques, learners will explore secure data storage practices within the Android file system, implement cryptography concepts, and securely manage credentials using the Android Keystore. The course also addresses password security through hashing and salting techniques, common data risks, and secure storage practices to protect data at rest. Finally, participants will gain insights into network security, data protection in transit, and securing inter-process communications and webviews in Android applications.
This course is designed to demystify Zero Trust security and guide learners through practical implementation. Based on the principle of “never trust, always verify,” this course explains what Zero Trust is, why it matters, and how organizations can begin their Zero Trust journey. Key topics include network, endpoint, and cloud security, starting with foundational concepts and addressing misconceptions—highlighting that Zero Trust is not achieved by simply deploying technologies. Real-world use cases, assessment methodologies, and maturity ranking techniques help participants create a customized Zero Trust strategy for their business. The curriculum explores modern Zero Trust standards and frameworks, such as NIST and the Open Group, moving from principles to architectural design. With a focus on practical application and strategic planning, this course is ideal for anyone responsible for organizational security seeking to enhance their defense strategy using Zero Trust.
Access Control Basics 4b6c9 — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
Access Control Basics — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
Access Control And Identity Management — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
Implement a defense-in-depth security strategy for Azure Storage. Harden storage accounts, govern access with Microsoft Entra ID and stored access policies, enforce network perimeter controls using firewall rules and private endpoints, and enable Microsoft Defender for Storage to detect threats from malicious uploads and compromised AI agent credentials.
Implement layered security controls across Azure virtual machines and Arc-enabled hybrid servers. Configure disk encryption, Trusted Launch, Azure Bastion, Microsoft Defender for Servers, just-in-time VM access, and Azure Machine Configuration to close security gaps across your server estate.
ISC2 Knowledge Vault Webinars—Cybersecurity DiscussionsRelevant and cutting edge infosecurity discussions presented by subject matter experts and mini webcasts that give viewers a sneak peek into each of ISC2 certifications' domains. — webinar from ISC2. Visit the page for date, presenters, and registration details.
ISC2 Think Tank Webinars—Cybersecurity Thought Leadership 60-minute roundtable webinar where influential security experts present and debate on a range of thought-leadership topics surrounding today’s most pressing security challenges. — webinar from ISC2. Visit the page for date, presenters, and registration details.
ISC2 Security Briefings Webinars—EMEALive and on-demand online events where regional industry experts, ISC2 members and solution providers offer their thought leadership on a variety of topics. — webinar from ISC2. Visit the page for date, presenters, and registration details.
ISC2 Security Briefings Webinars—APAC Asia Pacific Online learning that provides members and participants a wide range of security related information in a flexible and bite-size approach. — webinar from ISC2. Visit the page for date, presenters, and registration details.
ISC2 Security Briefings - North America1-hour webinars that provide a "deep dive" into a topics by listening to a multi-part webinar series on a subject over a short period of time. — webinar from ISC2. Visit the page for date, presenters, and registration details.
Learn to design and implement strong authentication controls, apply Just-in-Time privileged access strategies, and extend identity-based security to AI-powered applications using Microsoft Entra.
How Are Remote Workers Working? A SANS Poll Remote work has quickly become the \new normal" with the COVID-19 pandemic. Organizations have been forced to rethink how they will get work done with their employees mandated to stay home. 'How are organizations handling working from home? How well were companies prepared for remote work? How have technological needs changed with this shift? How are teams communicating? How are devices and communications being secured? When a time like this does not allow for the mission to halt, employees and employers have scrambled to keep the work going. 'Ensuring that teams are equipped, communicating, and are safe at home is key during this time.'this webinar, led by Heather Mahalik SANS Senior Instructor, Author and Senior Director of Digital Intelligence at Cellebrite, covers how companies have adjusted to this new landscape as a workforce. How have things changed and how are we coping and keeping the ball rolling forward from home.WebinarCyber Defense Presented: 4 Jun 2020 Technical Presentation View details
SANS Top New Attacks and Threat Report As we move into 2020, news reports have been filled with reports of deepfakes, attacks against election systems, quantum computing advances and more. SANS instructors Heather Mahalik, Ed Skoudis and Johannes Ullrich present their analysis of the new attack techniques currently in use that will affect you and share their projections for future exploits in a highly rated keynote presentation moderated by Alan Paller at the annual RSA Conference in San Francisco.In this webcast, SANS Director of Emerging Security Trends John Pescatore will highlight key themes from that report and other sources to provide:Coverage of the top new attacks and threats as defined in that presentationDeeper insight into overall cybersecurity trends on both the offensive and defensive sidesAdvice from SANS on the steps enterprises must take to evolve critical skills, processes and controls to mitigate current and future risksBe among the first to receive the associated whitepaper written by John Pescatore, SANS Director of Emerging Security Trends.WebinarCyber Defense Presented: 28 Apr 2020 Technical Presentation View details
2020 SANS Cyber Threat Intelligence (CTI) Survey Results Over the past several years, SANS has seen a gradual maturation of cyber threat intelligence (CTI) and its applications in information security. The 2019 CTI survey saw an increase in usage of and interest in CTI, along with a diversification in how the intelligence is being used by organizations. While the use of CTI continued to grow, it became evident that there is no one-size-fits-all approach. Organizations leverage different types of CTI to meet different needs.The 2020 Cyber Threat Intelligence (CTI) Survey builds on previous surveys to provide guidance on how organizations of all types can get the most out of CTI. Attendees at this webcast will gain insight into:How consumers and generators of CTI leverage, create and measure intelligenceWhat progress has been made on automation of intelligence collection and processingWhat improvements organizations have realized as a result of using CTIWhich best practices are in use across respondents' organizationsRegister today to be among the first to receive the associated whitepaper written by SANS instructor and CTI expert Robert M. Lee.Click here to register for a panel discussion of the survey results on Thursday, February 13, 2020, at 1PM Eastern. On this webcast, Robert M. Lee and sponsor speakers will explore how these results can improve CTI programs.WebinarDigital Forensics and Incident Response Presented: 11 Feb 2020 Technical Presentation View details
Open Season on Cyberthreats: Part I- Threat Hunting 101 Expanding on the results of the 2015 SANS Incident Response Survey, the threat hunting survey explores the uses and benefits of threat hunting. Results of the survey will be presented in a two-part webcast.In Part 1 of the webcast, attendees will gain insight into:What threat hunting entailsWhat pitfalls stand in the way of attaining actionable resultsWhat organizations are discovering through threat huntingPart 2 of the webcast, held on Friday, April 15, 2016 at 1:00 p.m. Eastern, will focus on threat hunting methodologies and tools. Be among the first to receive the associated whitepaper written by threat hunting expert and SANS Analyst Eric Cole.View the associated whitepaper here.Enrich your Threat Hunting skills by attending the Threat Hunting and Incident Response Summit | New Orleans, LA | Tuesday, Apr 12-19, 2016.WebinarDigital Forensics and Incident Response Presented: 14 Apr 2016 Technical Presentation View details
ImportantRecertHero is an independent aggregator. Credit estimates are guidance only — always verify with your certifying body.