HumanRisk SEAT
Home / Free Tools
Free · Vendor-neutral · No account needed

Free tools for security awareness practitioners

Built by a practitioner who has run these programs for 20+ years. Each tool surfaces something the SEAT platform already does, made free and standalone. No login, no sales gate.

Lookup · 22 frameworks
Compliance Awareness Requirements
Pick a framework (PCI DSS 4.0, HIPAA, NIS2, DORA, CMMC, GLBA, NIST 800-171 and more) and see its security awareness and training obligations in plain English, with audit evidence and SEAT pillar mapping.
Open the lookup →
Calculator
Security Awareness ROI Calculator
Build a defensible business case with the math shown. Enter incident frequency, cost, expected reduction, and program spend to get a cost-versus-risk estimate you can take to a CFO.
Run the numbers →
Calculator
Program Staffing (FTE) Calculator
How many people a program actually needs, grounded in the SANS benchmark of about 4.2 FTE for a mature program. Enter headcount and ambition, see the staffing gap you are carrying.
Check your staffing →
Self-check · 2 min
Maturity Self-Check
Eight quick questions across the four SEAT pillars return a directional maturity level, from Reactive to Embedded, and show your weakest pillar. A fast snapshot before the full assessment.
Check your maturity →
Assessment · 10-15 min
Free SEAT Maturity Assessment
Measure your program across Strategy, Engage, Assess, and Train. Get a maturity baseline showing where investment reduces the most risk. 26 questions, no account needed.
Start the assessment →
Builder
Third-Party Risk Assessment Builder
Generate a structured third-party risk assessment for vendors and suppliers, aligned to the human-risk questions that frameworks like NIS2 and DORA now require.
Build an assessment →
Reference · Updated quarterly
HRM Market Landscape
An independent, practitioner-maintained map of the human risk management market: vendor positioning, funding, categories, and an honest practitioner take on each.
Explore the landscape →
Job board · Updated daily
Security Awareness Job Board
A focused board of security awareness, human risk, and security culture roles, refreshed daily. The only job board built specifically for this discipline.
Browse roles →
Playbook
Phishing Triage Playbook
An open, vendor-agnostic reference for building your own phishing triage workflow: severity scoring, reference architecture, and SOC integration patterns.
Read the playbook →

Why a tools section

The best way to prove a methodology is useful is to give people something useful that runs on it. These tools are free because the underlying work, the assessment engine, the compliance mappings, the market research, already exists inside SEAT. Exposing each one as a standalone utility helps practitioners do their jobs and shows what the platform does without asking anyone to sit through a demo.

Everything here is vendor-neutral. SEAT is a maturity assessment and program management platform, not a training vendor or a phishing-simulation tool, so these references work alongside whatever you already run. If a tool saves you time, the assessment is the natural next step: it measures where your program actually stands and where the next dollar reduces the most risk.