Security School Course Catalog from

Check out SearchSecurity's catalog of free online security courses led by information security experts on today's most popular security topics.

Welcome to SearchSecurity's School course catalog. We offer a variety of free online information security training...

courses that you can take on your own time, at your own pace.

These lessons -- many of which feature video seminars and review quizzes eligible for CPE credits -- will arm you with the foundational and tactical information needed to keep your organization compliant and secure.

From cloud security and data protection to identity and access management and messaging security -- SearchSecurity has you covered.

CISSP Certification Essentials

Our exclusive CISSP Essentials trainings feature expert content from exam trainer Logical Security and (ISC)2, global information security educator and certification leader. In the following domains explore the fundamental concepts, technologies and practices of information systems security. Each lesson corresponds to a subject domain in the exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know.

Domain 1: Governance, risk management and compliance
Learn tips and strategies for addressing governance, risk management and compliance covered in the CISSP exam.

Domain 2: Data encryption methods
Learn about data encryption methods and what it means to practice good data management.  

Domain 3: Security systems engineering
From security architectures to cryptanalysis to abstraction techniques, this Security School provides an overview of security systems engineering topics tested in Domain 3.

Domain 4: Network security
Learn about network security fundamentals like segmentation and secure routing in this study guide for Domain 4 of the CISSP exam.

Domain 5: Identity and access management
From cloud IAM to physical access control, this study guide will help you review key concepts from Domain 5 of the CISSP exam.

Domain 6: Security assessment and testing
This domain help you expand your knowledge of tools and techniques to identify vulnerabilities and possible attack surfaces.

Domain 7: Preventing data breaches
Learn about the various tools and best practices for building up your defenses, detecting suspicious behavior and responding to malicious activity.

Domain 8: Secure software development
Learn the basic principles behind securely designing, testing and building enterprise applications.

Cloud Security School

In these lessons the industry's foremost cloud security experts explain how to securely take advantage of the flexible infrastructure models and lower operating costs that make the cloud an attractive alternative for many enterprise IT organizations.

Solving enterprise cloud security challenges: In-house or CSPs?
In this lesson, take a look at cloud security challenges enterprises today are facing and gain insight into the latest cloud security provider developments and improvements which aim to help enterprises tackle their problems.
Featuring Dave Shackleford, owner and principal consultant, Voodoo Security

Cloud-based identity and access management
Cloud security expert Dave Shackleford discusses the risks and rewards of cloud-centric identity and access management, outlines how to know if it's the best choice for your enterprise, and offers numerous tips for a successful cloud IAM implementation.
Featuring Dave Shackleford, owner and principal consultant, Voodoo Security

Understanding cloud-specific security technologies
How to understand and when to use traditional vs. cloud-specific security products.
Featuring Joseph Granneman, MBA, CISSP

Cloud application security best practices
How to secure cloud applications, especially in a PaaS environment.
Featuring Diana Kelley

IAM control in the cloud
IAM policy, process and technology options for the cloud.
Featuring Phil Cox

Data Protection Security School

These lessons provide information security professionals with the tools and tactics they need to successfully secure data throughout the enterprise, whether in motion or at rest.

Privileged access management and security in the enterprise
Learn the importance of privileged access management and monitoring trusted user accounts.
Featuring Mike Cobb

Why SSL certificate security matters
Learn about specific methods used to exploit SSL and how to defend against them.
Featuring Rob Shapland

DLP deployments: Understanding your options
Learn the different DLP technologies to help ensure your organization has a successful DLP deployment.
Featuring Kevin Beaver

Security visibility: Honestly assessing your security posture
Using technology to build a centralized collection of security intelligence.
Featuring Aaron Turner

Network content monitoring must-haves
Focusing on what matters when investing in network content protection.
Featuring Mike Chapple, University of Notre Dame

Realigning your data protection priorities
Re-prioritizing to thwart the theft of credentials and attackers who want them.
Featuring David Sherry

Watching the watchers
Monitoring trusted insiders with process, policy & technology.
Featuring Andreas Antonopoulos

Mobile device policy: How to prevent data theft
Lock down smartphones to prevent sensitive data leakage.
Featuring Lisa Phifer, president, Core Competence Inc.

Locking down database applications
Secure database apps via roles and privileges.
Featuring Andreas Antonopoulos

Intrusion Defense School

These lessons help put the pieces of intrusion defense -- antivirus, antispyware, IDS/IPS, etc. -- in perspective to help you implement an intrusion defense strategy that meets your organization's needs.

Distributed denial-of-service attack defense
Learn the ins and outs of distributed denial-of-service attacks and how to defend against them.
Featuring Michael Cobb, CISSP-ISSAP

Performing an authenticated vulnerability scan
Learn why authenticated vulnerability scans matter and how to add them to your vulnerability assessment program.
Featuring Kevin Beaver, CISSP

How best to find and fend off malicious mobile apps
Learn where the most dangerous mobile threats are coming from and how to counter them. 
Featuring Michael Cobb, CISSP-ISSAP

Keeping Web malware out of enterprise systems
Learn how to keep your system's defenses strong against Web-borne malware.
Featuring Pete Lindstrom

Architectural considerations for enterprise antimalware deployments
Learn how to effectively architect antimalware systems for your enterprise.
Featuring Diana Kelley

Developing a defense-in-depth strategy for malware defense
Inside the state of malware & building an effective antimalware program.
Featuring Lenny Zeltser, SANS instructor, noted author

How DAM can help detect and trace attacks
Learn effective DAM configurations to best detect and trace attacks.
Featuring Adrian Lane, CTO, Securosis LLC

Reinventing defense in depth
Explore key elements of successful layered security architecture.
Featuring Mike Chapple, University of Notre Dame

Practical strategies to mitigate insider threats
Learn about monitoring strategies for detection of insider threats.
Featuring Dawn Cappelli

Compliance School

Take a comprehensive look at ongoing information security compliance issues, regulations and practices.

Compliance metrics: Building a compliance scorecard
How to build a compliance scorecard that makes sense to executives.
Featuring Eric Holmquist

How to pass a PCI assessment
How to make PCI compliance a continuous process.
Featuring Anton Chuvakin

Integration of Networking and Security School

In these lessons, SearchSecurity and SearchNetworking offer you an in-depth look at how security-related and networking-related teams, products and processes are affecting enterprise network security.

Behavioral analytics and security go hand in hand
This Security School explains how behavioral analytics works to enhance security in today's businesses.
Featuring Johna Till Johnson, CEO and founder of Nemertes Research

Securing IoT in the enterprise
This Security School offers advice on securing IoT devices, to help infosec pros ensure the connected devices that end users deploy do no harm to enterprise network.
Featuring Dan Sullivan

Network perimeter security
Learn about the pressures transforming the enterprise network perimeter and how to adapt your strategy for network perimeter security.
Featuring Johna Till Johnson, CEO and founder of Nemertes Research

Game-changing enterprise authentication technologies and standards
Learn about next-generation authentication methods and technologies, and how emerging new standards can enable more secure enterprise authentication.
Featuring Mike Cobb

Knock advanced malware out cold with network anomaly detection
The ability to detect network anomalies is now essential in the battle against advanced malware. In this Security School, expert Peter Sullivan explains why, and how to go about employing anomaly-detecting tools.

Improving security management with SIEM
Learn how to effectively analyze SIEM data, improve SIEM collection, set responsible goals and more.
Featuring Mike Rothman, president of Securosis

Security analytics: The key to reliable security data, effective action
Learn how to develop a customized security analytics program that delivers insightful, actionable information.
Featuring Josh Sokol, CISSP

Next-generation firewalls: Must-have NGFW features
Explore best practices for making a next-generation firewall evaluation.
Featuring Joel Snyder, senior partner, Opus One

Managing BYOD endpoint security
Get help developing an over-arching security strategy to combat mobile security woes.
Featuring Craig Mathias, principal, Farpoint Group

Endpoint security controls: Moving beyond antivirus 
Learn which security controls are critical to ensuring successful threat protection.
Featuring Mike Rothman, president, Securosis

Strengthening policies for endpoint control
Strategies, policies, practices and tools to rein in unruly endpoints.
Featuring Lisa Phifer, president, Core Competence Inc.

How IDS/IPS enables business objectives
Map key network security technologies and practices to business needs.
Featuring Jennifer Jabbusch

Application log management program planning
Enable an application log management program for security and compliance.
Featuring Diana Kelley

This was last published in October 2014

Dig Deeper on Security industry certifications

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

That is indeed an extensive list of options. I appreciate how they are separated into unique categories. I think I may have some fresh evening education materials to work with :).
Thanks for providing us with the great list of options!

Wow great resource. I'm new here thanks for the opportunity for me to join this amazing resource.
Share your comment