Practical cyber security support for SMBs
Free tools, assessments, news and guidance to help small and medium businesses strengthen their security posture. Aid+ funds the free Security Aid mission.
- 100% free tools
- SMB focused
- Non-profit mission
- Privacy first
Featured tools
Latest cyber security news
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
Four compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security, SafeDep, Socket, and StepSecurity.…
15 Jul 2026Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve…
15 Jul 2026Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
Microsoft shipped its largest Patch Tuesday on record today, and two of the fixes close holes that attackers are already exploiting. The release covers 622 of…
14 Jul 2026This week in security
A quick, SMB-relevant roundup — no jargon, just what matters this week.
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
Four compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security, SafeDep, Socket, and StepSecurity.…
15 Jul 2026Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve…
15 Jul 2026Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
Microsoft shipped its largest Patch Tuesday on record today, and two of the fixes close holes that attackers are already exploiting. The release covers 622 of…
14 Jul 2026Popular guides
MFA for SMBs: where to start
A no-nonsense rollout order for identity, admin and VPN accounts.
Read guide →Preparing for Cyber Essentials
The five technical controls, explained without the jargon.
Read guide →Services
Non-profit advisory work — the first four hours are always free. Deeper engagements sit under Aid+.
Cyber Security Talks & Workshops
Engaging, jargon-free sessions for leadership teams and staff.
First 4 hours freeIncident Response Planning
Build a tested, scenario-specific incident response plan before you need one.
First 4 hours freeMicrosoft Security Reviews
Independent review of your Microsoft 365 and Azure security configuration against best practice.
First 4 hours freeSecurity Advisory
Pragmatic, SMB-sized advisory support — the first four hours are always free.
First 4 hours freeSecurity Architecture & Roadmaps
A right-sized security roadmap that matches your budget, risk appetite and growth plans.
First 4 hours free