InfoSec Institute (ISI)

The InfoSec Institute (infosecinstitute.com) offers a variety of training on security topics such as penetration testing and reverse engineering. After it was discovered that ISI took large portions of material from Corelan.be without credit or license, additional review was performed of available material. This included a presentation from founder/owner Jack Koziol and other contract instructors. It became clear that the Corelan incident was not a one-off, and likely not the work of a rogue contractor as ISI claimed.

According to their web page, ISI describes themselves as:

InfoSec Institute is the best source for high quality information security training. We have been training Information Security and IT Professionals since 1998 with a diverse lineup of relevant training courses. In the past 13 years, over 15,000 individuals have trusted InfoSec Institute for their professional development needs!

Given the amount of plagiarism found to date, this is disconcerting. According to a presentation given by Jack Koziol in 2010, ISI has given training to the US Air Force, National Security Agency (NSA), the US Army, GCHQ, Symantec, KPMG, Bank of America, Trustwave, JPMorgan, McAfee and more. Providing plagiarized content to US government and military is a disservice to them, and the people the material was taken from.

During the process of settling the plagiarism of Corelan.be's material, ISI was given advanced warning about the contents of this page. attrition.org assisted ISI by giving guidance on revising their policy for reviewing content. ISI has released a statement (since removed) outlining their new content creation policies.