Infosecstack: Your Collection of Free Cybersecurity Resources

Posted on 07.24.17

Infosecstack: Your Collection of Free Cybersecurity Resources

Cybersecurity is expensive, and because attackers continuously find new ways to victimize organizations and separate them from their data and hard earned dollars, it is getting more expensive. 

Malware used to steal credit card data, social engineering scams to steal W-2 data, and global ransomware attacks that hold precious data hostage for payment in Bitcoin are just a few of the common attacks today.  The reality is that there are many more. For example, the FBI’s Internet Crime Complaint Center (IC3) has identified 18 unique types of online scams and frauds, not to mention the countless variations of each type.

Because of the growth in the types of attacks, organizations are forced to invest in more types protections. Many organizations are even investing in cyber insurance, which can serve as a backstop against catastrophic loss in the event of a cyber-attack. Organizations that approach cybersecurity investment strategically will start with a risk assessment, the results of which show where they might find the most security for the dollar. Even organizations that have an organized, thoughtful approach to investing in cybersecurity don’t like spending the money.  After all, these are funds that come right out of the bottom line.

Over the years, Keiter has amassed a collection of free cybersecurity resources our team has used internally, we have forwarded to our clients, or that we have otherwise encountered in our work and research.  We decided to take that information, organize it, and share it with the world.  The result is infosecstack.com, short for “information security stack.” It is a carefully curated collection of free cybersecurity resources to help you save money and improve your security.

It’s styled in the spirit of the very popular “stash” or “stack” type websites. Each category on the main page is a clickable link that brings you to a page that lists all the resources in that category.  Bypass the categories and just see everything in one big cybersecurity list by clicking the first box marked “All”.

Some of the resources could belong in multiple categories, for example, Sophos makes available their fully featured corporate firewall free for home use, so it is featured in our firewall section and our home security section.

Visitors who want to be notified when there are updates can simply register their email at the top of the page.  We typically won’t send out updates more frequently than once every two weeks.  And registering for this list will not add you to any other marketing lists.

Infosecstack.com is the pretty version of the content, but we’ve also open sourced the raw materials on GitHub using the very permissive Creative Commons license, which is the best anyone can do to release content without any claim to copyright.  The implication of open sourcing the work is that we are also very amendable to feedback, additions, or really any changes to improve the list.  Recommendations can be made by opening an issue on our GitHub repository (if you’re into that sort of thing) or simply by emailing us: cybersecurity@keitercpa.com.

The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.

Posted by: Christopher Moschella, CPA, CISA

Chris is a Senior Manager in Keiter’s Risk Advisory Services. Chris has a strong combination of IT skills, which range from IT audit and internal control assessments, including general computer controls and application controls, to full stack web development. Most recently, Chris developed a Cybersecurity web application that assesses an organization’s resistance to social engineering attacks. Chris shares his cybersecurity insights on our blog