Repository of materials


  • "An Open, Safe and Secure Cyberspace" EU Cyber Security Strategy


  • Code of EU online rights



The report provides a synthesis of the results of the European Cyber Security Month (ECSM) which took place as a pilot project across Europe throughout last October 2012. The report gives an overview of the security-related weeks organised at national level by the eight participating countries - the Czech Republic, Luxembourg, Norway, Portugal, Romania, Slovenia, Spain and the United Kingdom -; describes the role played by ENISA as coordinator of the organisation of the ECSM; and finally identifies a set of lessons learned which could be applied to future ECSMs.



Network Information Security (NIS) in Education


Collaborative Solutions For Network Information Security in Education



  • 2011 report: European Month of Network and Information Security for All - A feasibility study


  • 2010 reports: Promoting information security as a cultural and behavioural change; Training material for small and medium enterprises;

Information security tips for employees; Internet safety tips for parents and guardians; Online as soon as it happens; How to shop safely online;


  • 2009 reports: The growing requirement for information security awareness;  Guidelines for parents, guardians and educators on child online protection; Information security awareness in financial organisations - Guidelines and case studies; ENISA’s ten security awareness good practices; ATM crime - Overview of the European situation and golden rules on how to avoid it;


  • 2008 reports: Secure USB flash drives; Secure printing;  The new users’ guide: how to raise information security awareness;  Children on virtual worlds - What parents should know; Obtaining support and funding from senior management while planning an awareness initiative;

Information security awareness in financial organisations; Social engineering: Exploiting the weakest links; Security awareness management in local governments: Approaches in Scandinavia;  Awareness raising quizzes templates: Targeting parents, end-users and SMEs;












European Consumer Center





Here are some OWASP tools, games, videos and document resources that are helpful for developers interested in secure coding and application security in general.

  • OWASP Cheat Sheets

The OWASP Cheat Sheets provide a concise collection of high value information on specific web application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics.

  • OWASP Proactive Security Controls

OWASP Top Ten Proactive Controls is a list of security techniques that should be included in every software development project.

  •  OWASP Top Ten

The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are.

  •  OWASP Software Assurance Maturity Model (OpenSAMM) The Software Assurance Maturity Model (SAMM) is an open framework to help formulate and implement a strategy for software security that is tailored to the specific risks facing the organization.

  •  OWASP Application Security Verification Standard The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls.

  •  Application Security Guide for CISOs

This CISO guide is written to help CISOs that are responsible for managing application security programs from the information security and risk management perspectives.

  •  OWASP Testing Project

The aim of the project is to help people understand the what, why, when, where, and how of testing web applications.

  •  Games:

 OWASP Cornucopia

OWASP Cornucopia is a card game used to help derive application security requirements during the software development life cycle.


 OWASP Hackademics

The OWASP Hackademic Challenges Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment.

  •  Videos & Podcast Series:

 OWASP AppSec Tutorial Series

OWASP AppSec Tutorial Series is a collection of video lessons that are designed to teach various topics in application security.

  •  OWASP Podcast Series

 OWASP 24/7" is series of recorded broadcasts, highlighting OWASP projects and people from around the world. With over 43,000 members in 100 countries, the OWASP 24/7 channel is available on demand, at anytime, anywhere on the planet.

  • Tools:

 OWASP Zed Attack Proxy

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

Twitter: @zaproxy


OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST.

Twitter: @owtfp

 OWASP Python Security Project

OWASP project that aims at creating a hardened version of python that makes it easier for security professionals and developers to write applications more resilient to attacks and manipulations.





The number of internet banking fraud cases increases every year. Phishing is the most frequently used method.  Febelfin launched a YouTube video called ‘See how easily freaks can take over your life’ in which it draws the attention to the precautions for safe internet banking.

Video 1:  Security clip showing the risks of sharing too much online "See how easily freaks can take over your life" :

Video 2:  Security clip showing the risks of sharing too much online  "Amazing mind reader reveals his 'gift' ":  Published on






  • A practical guide for business travel with a downloadable brochure with recommendations to protect your assets when traveling

Be Safe!

Videos: < 





  • ID Theft quiz

Project from NORSIS



  • CERT-Slovenia: Videos to share representing topics of online security produced for 2012 ECSM pilot campaign, with English subtitles. The content includes topics such as: Nigerian scam “This is your lucky day”; Fake on-line stores “Everything's half price at Danny's!”; phishing “Hello, is this a bank?”  Follow the link to watch the videos:  



Specific AR campaigns world wide


  •  STOP. THINK. CONNECT.™ is the global cybersecurity awareness campaign to help all digital citizens stay safer and more secure online.

Tips and advice:


  •  Singapore’s Cyber Security Awareness Day is championed by the Cyber Security Awareness Alliance

  •  CrypTool Portal

 The CrypTool Portal raises awareness and interest in cryptography for everyone:

  •  Botnet protection guide