FreeCourse
CourseraSelf-pacedNewly added
Welcome to the RecertHero soft launch!
Submit bugs, feature requests, and feedbackISACA · Self-paced
Self-paced opportunities that count toward CISA renewal — on-demand courses, video lessons, and self-study tracks you can finish on your own schedule. RecertHero estimates the CPE value of every opportunity, so you can plan toward the 120 CPEs CISA requires every 3 years — without re-keying each entry into ISACA's portal.
23 results mapped to CISA, soonest first.
Cyber threats present a constant challenge today, costing billions and affecting everyone, from governments to small businesses. Are you ready to contribute to the solution? This course will provide you with a deep understanding of cybersecurity principles, industry standards, regulations, and audit processes. You will explore the fundamental concepts of information security and compliance, covering topics such as governance, risk, compliance, cybersecurity frameworks, and process management. You will also learn about IT service management and explore the NIST risk management framework and AI ethical considerations. You will gain insights into cybersecurity laws and regulations, focusing on both US and global perspectives, including HIPPA, GDPR, and PCI DSS. Additionally, you will familiarize yourself with the audit processes using the COBIT framework and SOC reports. You will also explore prominent standards such as OWASP, ISO, and IEEE, learning how to apply them effectively. Throughout this five-module self-paced course, you will engage in interactive activities to apply your knowledge in real-world scenarios. You will also complete a final project to test your skills and showcase your understanding. Join us on this cybersecurity journey!
AI For Incident Responders — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
AI For Grc Analysts — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
Updated in May 2025. This course now features Coursera Coach! A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course. This comprehensive course is designed to equip you with the knowledge and skills necessary to effectively audit IT project governance and system development processes. It begins with an overview of project governance and management, emphasizing the roles and responsibilities of key stakeholders, including project sponsors and the Project Management Office (PMO). You will gain a solid understanding of project initiation, planning, and execution phases, learning how to differentiate between auditing project content and project execution. Special focus is given to the project management methodologies, such as Agile and Predictive approaches, and the essential procedures for closing projects, ensuring you are well-versed in each phase of the project lifecycle. The course then transitions to system development and risk management, where you will explore various system development lifecycle (SDLC) models and their associated risks. You will learn how to assess these risks and understand different software development methods, including the use of Computer Aided Software Engineering (CASE) tools and fourth-generation languages (4GLs). Key topics such as business case development, feasibility analysis, and the identification and design of effective data controls are thoroughly covered, preparing you to evaluate system and software development from an IS auditor's perspective. In the final modules, the focus shifts to testing methodologies, data integrity, and change management. You will delve into decision support systems, testing plans, and methodologies to ensure data integrity and accuracy in application systems. The course also covers data migration processes, changeover techniques, and post-implementation reviews (P
This program equips cybersecurity professionals, IT teams, and system administrators with the foundational knowledge and practical skills needed to identify, analyze, and remediate vulnerabilities across modern enterprise environments. You’ll start by understanding the vulnerability assessment lifecycle, exploring how weaknesses emerge in networks, systems, and web applications, and learning the principles behind risk, exposure, and exploitability. Next, you’ll dive into hands-on vulnerability assessment techniques, using tools such as Nmap, Nikto, and open-source scanners to perform host discovery, service enumeration, and web application checks. You’ll learn how to validate findings, classify severity using structured scoring methods, and document vulnerabilities effectively for organizational reporting. You’ll then advance into vulnerability management, where you’ll design patching workflows, apply configuration hardening practices, automate remediation tasks, and perform post-fix validation. You will also learn how to build governance processes, track metrics, and create dashboards that support long-term risk reduction and audit readiness. By the end of this program, you will be able to: - Explain the core concepts of vulnerability assessment and the full assessment lifecycle. - Distinguish between vulnerabilities, threats, risks, and exploits in enterprise environments. - Conduct network and web vulnerability scans using open-source tools such as Nmap and Nikto. - Validate scan results, classify vulnerabilities, and prioritize remediation using risk-based scoring. - Implement patch management, configuration hardening, and automated remediation techniques. - Design and document a vulnerability management program aligned with governance requirements. - Create consolidated reports and dashboards to track vulnerabilities and support compliance. This course is designed for cybersecurity engineers, SOC analysts, network administrators, DevOps practitioners
Multi-course professional certificate program on edX. Self-paced with verified certificate option. Visit the program page for full curriculum, institution, and pricing details.
Access Control Basics — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
Detecting Malicious Activity in Large Enterprises Modern enterprises are extremely diverse and complex. Yet, security data collection, correlation, and analysis has not kept up with these complexities. It often seems like organizations collect too much without ever truly finding value in the vast amounts of data they have amassed. In this webcast, SANS author Matt Bromiley and Chronicle Security's Dr. Anton Chuvakin focus on concepts to effectively detect malicious activity within large enterprises. They will review how to bring giga-/tera-/petabytes togethers, correlating them into actionable intel by using YARA-L to craft efficient detections that can be used across these vast data sets. The webcast will help attendees answer important questions such as:In your current state, how much data are you ingesting/analyzing?How is your team writing detections? What types of metadata points are they looking for?How do you detect threats?Can you effectively scale detections across your data sets?How do you manage the lifecycle of those detections, tune them, keep them relevant, remove them when no longer relevant? Register today and be among the first to receive the associated whitepaper written by Matt Bromiley.WebinarDigital Forensics and Incident Response Presented: 10 Sep 2020 Technical Presentation View details
How to Improve Threat Detection and Hunting in the AWS Cloud Using the MITRE ATT&CK Matrix Understanding adversary tactics and techniques based on real-world observations are critical to building more effective threat detection and hunting capabilities. The context provided by data sources is what enables us to make actionable decisions. Still, it is limited to what raw data inputs we consume, as well as consuming enough of the right data to be able to mitigate, remediate and prevent future adversary activity. However, detecting malicious events is not the final solution to thwarting adversaries. Actions need to be taken, whether they are operational (e.g., stopping a malicious process) or strategic (e.g., securing an environment to prevent the execution of malicious processes). In this webinar, SANS and AWS Marketplace will discuss the exercise of applying the MITRE ATT&CK Matrix to the AWS Cloud. They will also explore how to enhance threat detection and hunting in an AWS environment to maintain a strong security posture. Attendees will learn how to:Apply the MITRE ATT&CK Matrix to classify and understand cloud-based techniquesCreate an effective detection strategy and uncover what data sources are requiredBreak down and recognize detections by security product capabilities and data sourcesLeverage threat intel for improved detectionUse AWS services and third-party solutions to support their threat detection and hunting strategy Register today to be among the first to receive the associated whitepaper written by SANS senior instructor and cloud security expert Dave Shackleford.WebinarDigital Forensics and Incident Response Presented: 1 Sep 2020 Technical Presentation View details
Building and Maturing Your Threat Hunt Program While threat hunting sounds exciting--and promising--building an effective program can be daunting. The very definition of threat hunting is fluid, creating confusion about how to use it. Practitioners often have varying opinions about what would be involved in a threat hunt program and how to use it. And, there are many questions about how to develop a program that can evolve into an effective, mature one.In this new SANS webcast, SANS instructor Davis Szili, with insights from a Cisco representative, will help attendees define threat hunting and create an effective process for using it.'the webcast will address getting started, including building a team, what a typical hunt might look like and building a knowledge base for later use. 'Attendees also will learn how to create a test lab and use effective metrics.Register now and be among the first to receive the associated white paper written by David Szili.WebinarDigital Forensics and Incident Response Presented: 25 Jun 2019 Technical Presentation View details
Empowering Incident Response via Automation Despite advances in incident response, the security community tells SANS there are plenty of things to fix. Automation is sometimes presented as the solution, but what does that mean? In a new SANS webcast and paper, we will talk about automation to empower your employees and make them more successful.While we are making noticeable advancements in some areas, such as dwell times, there's still significant room for improvement in automation. Join us to examine some of the critical issues facing incident responders today. These issues, which may vary in your organization, typically include:The inability to move from remediation/eradication to recoveryMonotonous and/or laborious processes that eat up time that could be spent dealing with incidentsLack of data enrichment to help make investigative decisionsLack of investigative tracking mechanisms to help teams "learn from the past"Register to attend this webcast and be among the first to receive the associated whitepaper written by SANS community instructor and analyst, Matt Bromiley.WebinarDigital Forensics and Incident Response Presented: 22 Mar 2019 Technical Presentation View details
Open Season on Cyberthreats: Part I- Threat Hunting 101 Expanding on the results of the 2015 SANS Incident Response Survey, the threat hunting survey explores the uses and benefits of threat hunting. Results of the survey will be presented in a two-part webcast.In Part 1 of the webcast, attendees will gain insight into:What threat hunting entailsWhat pitfalls stand in the way of attaining actionable resultsWhat organizations are discovering through threat huntingPart 2 of the webcast, held on Friday, April 15, 2016 at 1:00 p.m. Eastern, will focus on threat hunting methodologies and tools. Be among the first to receive the associated whitepaper written by threat hunting expert and SANS Analyst Eric Cole.View the associated whitepaper here.Enrich your Threat Hunting skills by attending the Threat Hunting and Incident Response Summit | New Orleans, LA | Tuesday, Apr 12-19, 2016.WebinarDigital Forensics and Incident Response Presented: 14 Apr 2016 Technical Presentation View details
The 20 Critical Controls are quick wins that allow you to rapidly improve your cybersecurity without major procedural or technical change. International cybersecurity experts developed the 20 Critical Controls to be the most effective and specific set of technical measures to counter the most common and damaging computer attacks. The controls address the root causes of these attacks to ensure your security measures are effective. This presentation will also discuss how VA Tech is implementing the 20 Critical Controls as part of its overall security strategy.WebinarCybersecurity and IT Essentials Presented: 23 May 2013 Randy Marchany Technical Presentation View details
A facilitator's kit + recording of a 90-minute exercise simulating a ransomware incident touching on-prem AD, two cloud tenants, and a third-party MSP. Includes injects, scoring sheet, and after-action template.
Vendor walkthrough of the SecureX orchestration story — integrations, response workflows, threat hunting via cross-product pivots.
Lessons from a 12,000-employee company's migration from ISO 27001:2013 to the 2022 controls. Includes a mapped control delta and an evidence-gathering checklist.
How to author, test, and tune Sigma detections that survive contact with reality. Covers ATT&CK alignment, false-positive triage, and a CI pipeline for detections-as-code.
Hands-on learning path on TryHackMe covering SOC Level 1 (Legacy). Self-paced sequence of practical rooms with live attacker/defender labs. Some rooms are free; full path access included in a TryHackMe subscription.
Hands-on learning path on TryHackMe covering Advanced Endpoint Investigations. Self-paced sequence of practical rooms with live attacker/defender labs. Some rooms are free; full path access included in a TryHackMe subscription.
Hands-on learning path on TryHackMe covering SOC Level 1. Self-paced sequence of practical rooms with live attacker/defender labs. Some rooms are free; full path access included in a TryHackMe subscription.
Retention helps organizations meet compliance requirements and manage the lifecycle of data in Microsoft 365. This learning path shows how to configure retention labels and policies, apply them with adaptive scopes, and recover deleted content in Microsoft 365 workloads. It aligns with exam SC-401: Microsoft Information Security Administrator.
Logging actions and locating content are essential for investigating events, supporting compliance efforts, and maintaining transparency. Microsoft Purview provides audit and content search capabilities to help organizations understand what actions were taken and find specific items across Microsoft 365 services. This learning path aligns with exam SC-401: Microsoft Information Security Administrator.
Azure Assets Security Auditing Best Practices — Pluralsight course. Visit the course page for full details, prerequisites, and pricing.
ImportantRecertHero is an independent aggregator. Credit estimates are guidance only — always verify with your certifying body.