Resources

Security Resources

Trusted tools, government guides, and industry frameworks — curated for individuals and businesses who want to take security seriously. All resources below are free to access.

For Individuals

Protect Yourself Online

Essential tools and guides for anyone who wants to reduce their personal security and privacy risk.

Breach Monitoring

Have I Been Pwned

Check whether your email address or password has appeared in a known data breach. Built by security researcher Troy Hunt and used by millions worldwide.

Visit haveibeenpwned.com →

Password Management

Bitwarden

Free, open-source password manager. Generate strong, unique passwords for every account and store them securely. Available on all platforms and browsers.

Visit bitwarden.com →

Two-Factor Authentication

2FA Directory

A searchable directory of websites and apps that support two-factor authentication, with direct links to their setup guides. Find out which of your accounts support 2FA.

Visit 2fa.directory →

Government — Canada

Get Cyber Safe

Canada's national public awareness campaign about cybersecurity, run by the Canadian Centre for Cyber Security. Practical tips on safe browsing, phishing, and more.

Visit getcybersafe.gc.ca →

Privacy Guides

Surveillance Self-Defense

Step-by-step privacy and security guides from the Electronic Frontier Foundation (EFF). Covers everything from securing your phone to protecting yourself from targeted surveillance.

Visit ssd.eff.org →

Privacy Tools

Proton

Swiss-based suite of privacy-first tools: encrypted email (Proton Mail), VPN (Proton VPN), cloud storage (Proton Drive), and calendar. Free tiers available for all products.

Visit proton.me →

For Businesses

Frameworks & Official Guidance

Authoritative frameworks and government resources to help organizations build and maintain a strong security posture.

Government — Canada

Canadian Centre for Cyber Security

Canada's national technical authority for cybersecurity. Publishes threat advisories, incident response guidance, and best-practice documents tailored for Canadian organizations.

Visit cyber.gc.ca →

Security Framework

NIST Cybersecurity Framework

The industry-standard framework for managing cybersecurity risk across five core functions: Identify, Protect, Detect, Respond, and Recover. Free to use and widely adopted across North America.

Visit nist.gov/cyberframework →

Security Controls

CIS Controls

A prioritized set of 18 security actions that deliver the highest return on investment against real-world threats. Designed for organizations of all sizes, with implementation groups for SMBs.

Visit cisecurity.org/controls →

Privacy & Compliance — Canada

Office of the Privacy Commissioner

Official Canadian guidance on PIPEDA compliance and privacy obligations for businesses that collect, use, or disclose personal information. Essential reading for any Canadian business.

Visit priv.gc.ca →

Government — US

CISA

The US Cybersecurity and Infrastructure Security Agency offers free tools, threat advisories, and best-practice guides. Their resources are widely applicable to Canadian organizations as well.

Visit cisa.gov →

SMB Security Baseline

Cyber Essentials

A UK government-backed security certification that defines five foundational security controls every business should have in place. An excellent baseline framework for small and medium businesses globally.

Visit ncsc.gov.uk →

Free Tools

Security Testing & Analysis

Hands-on tools you can use right now to test files, URLs, and your web presence — no account required for most.

Malware Scanner

VirusTotal

Scan files, URLs, domains, and IP addresses against 70+ antivirus engines and threat intelligence feeds. Free to use, no account required. Essential for checking suspicious downloads or links.

Visit virustotal.com →

SSL/TLS Testing

SSL Labs SSL Test

Analyze your website's HTTPS configuration in detail. Get a graded report covering certificate validity, protocol support, cipher strength, and known vulnerabilities. Free, no login needed.

Visit ssllabs.com/ssltest →

Web Security Headers

Mozilla Observatory

Test your website's security headers, Content Security Policy, HTTPS enforcement, and cookie configuration. Provides a score and actionable recommendations for each finding.

Visit observatory.mozilla.org →

Exposure Discovery

Shodan

A search engine for internet-connected devices. Use it to discover what your organization unintentionally exposes online — open ports, services, and vulnerable systems visible from the internet.

Visit shodan.io →

Need More Than Resources?

Let Us Assess Your Security Posture

Resources are a great starting point, but every organization's risk profile is different. Book a free 30-minute call and we'll help you understand where you actually stand.

Book a Free Call →