- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
Last 25 papers added to the Reading Room
Last Updated Nov 16, 2009
Gathering Security Metrics and Reaping the Rewards
Dan Rathbun
Category: Management & Leadership
Posted: November 16, 2009
Hey Dude! I Can Do a Great Humphrey Bogart!
Lee Peterson
Category: Network Devices
Posted: November 11, 2009
A Multi-Perspective View of PHP Remote File Include Attacks
Dennis Schwarz
Category: Intrusion Detection
Posted: November 10, 2009
Check Point Firewall Log Analysis In-Depth
Mark Stingley
Category: Logging Technology and Techniques
Posted: November 10, 2009
Efficiently Deducing IDS False Positives Using System Profiling
Michael Karwaski
Category: Intrusion Detection
Posted: November 9, 2009
Why Crack When You Can Pass the Hash?
Christopher Hummel
Category: Penetration Testing
Posted: November 3, 2009
A Fuzzing Approach to Credentials Discovery using Burp Intruder
Karl Dawson
Category: Penetration Testing
Posted: October 29, 2009
Women in IT Security Project Management
Gurdeep Kaur
Category: Management & Leadership
Posted: October 27, 2009
Two-Factor Authentication: Can You Choose the Right One?
Emilio Valente
Category: Authentication
Posted: October 15, 2009
Security Concerns in Using Open Source Software for Enterprise Requirements
Sreenivasa Vadalasetty
Category: Security Awareness
Posted: October 8, 2009
Harness the Power of SIEM
Dereck Haye
Category: Intrusion Detection
Posted: October 6, 2009
Cisco Security Agent and Incident Handling
Greg Farnham
Category: Incident Handling
Posted: October 1, 2009
Best Practices in Data Protection: Encryption, Key Management and Tokenization
nuBridges, inc
Category: Application/Database Sec
Posted: September 29, 2009
Six Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder data
nuBridges, inc
Category: Best Practices
Posted: September 29, 2009
Simple Windows Batch Scripting for Intrusion Discovery
Tim Proffitt
Category: Auditing & Assessment
Posted: September 29, 2009
Mitigating Insider Sabotage
Joseph Garcia
Category: Case Studies
Posted: September 28, 2009
Security Incident Handling in High Availability Environments
Algis Kibirkstis
Category: Incident Handling
Posted: September 15, 2009
Investigative Tree Models
Rodney Caudle
Category: Incident Handling
Posted: September 15, 2009
Mac OS X Malware Analysis
Joel Yonts
Category: Forensics
Posted: September 8, 2009
Incident Handlers Guide to SQL Injection Worms
Justin Folkerts
Category: Incident Handling
Posted: June 18, 2009
Building an Automated Behavioral Malware Analysis Environment using Open Source Software
Jim Clausing
Category: Tools
Posted: June 18, 2009
PCI DSS and Incident Handling: What is required before, during and after an incident
Christian J. Moldes
Category: Compliance
Posted: June 16, 2009
Virtual Rapid Response Systems
Chris Mohan
Category: Incident Handling
Posted: June 11, 2009
Effective Time and Communication Management
Brad Ruppert
Category: Management & Leadership
Posted: June 9, 2009
IOScat - a Port of Netcat's TCP functions to Cisco IOS
Robert Vandenbrink
Category: Tools
Posted: May 29, 2009
Dan Rathbun
Category: Management & Leadership
Posted: November 16, 2009
Hey Dude! I Can Do a Great Humphrey Bogart!
Lee Peterson
Category: Network Devices
Posted: November 11, 2009
A Multi-Perspective View of PHP Remote File Include Attacks
Dennis Schwarz
Category: Intrusion Detection
Posted: November 10, 2009
Check Point Firewall Log Analysis In-Depth
Mark Stingley
Category: Logging Technology and Techniques
Posted: November 10, 2009
Efficiently Deducing IDS False Positives Using System Profiling
Michael Karwaski
Category: Intrusion Detection
Posted: November 9, 2009
Why Crack When You Can Pass the Hash?
Christopher Hummel
Category: Penetration Testing
Posted: November 3, 2009
A Fuzzing Approach to Credentials Discovery using Burp Intruder
Karl Dawson
Category: Penetration Testing
Posted: October 29, 2009
Women in IT Security Project Management
Gurdeep Kaur
Category: Management & Leadership
Posted: October 27, 2009
Two-Factor Authentication: Can You Choose the Right One?
Emilio Valente
Category: Authentication
Posted: October 15, 2009
Security Concerns in Using Open Source Software for Enterprise Requirements
Sreenivasa Vadalasetty
Category: Security Awareness
Posted: October 8, 2009
Harness the Power of SIEM
Dereck Haye
Category: Intrusion Detection
Posted: October 6, 2009
Cisco Security Agent and Incident Handling
Greg Farnham
Category: Incident Handling
Posted: October 1, 2009
Best Practices in Data Protection: Encryption, Key Management and Tokenization
nuBridges, inc
Category: Application/Database Sec
Posted: September 29, 2009
Six Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder data
nuBridges, inc
Category: Best Practices
Posted: September 29, 2009
Simple Windows Batch Scripting for Intrusion Discovery
Tim Proffitt
Category: Auditing & Assessment
Posted: September 29, 2009
Mitigating Insider Sabotage
Joseph Garcia
Category: Case Studies
Posted: September 28, 2009
Security Incident Handling in High Availability Environments
Algis Kibirkstis
Category: Incident Handling
Posted: September 15, 2009
Investigative Tree Models
Rodney Caudle
Category: Incident Handling
Posted: September 15, 2009
Mac OS X Malware Analysis
Joel Yonts
Category: Forensics
Posted: September 8, 2009
Incident Handlers Guide to SQL Injection Worms
Justin Folkerts
Category: Incident Handling
Posted: June 18, 2009
Building an Automated Behavioral Malware Analysis Environment using Open Source Software
Jim Clausing
Category: Tools
Posted: June 18, 2009
PCI DSS and Incident Handling: What is required before, during and after an incident
Christian J. Moldes
Category: Compliance
Posted: June 16, 2009
Virtual Rapid Response Systems
Chris Mohan
Category: Incident Handling
Posted: June 11, 2009
Effective Time and Communication Management
Brad Ruppert
Category: Management & Leadership
Posted: June 9, 2009
IOScat - a Port of Netcat's TCP functions to Cisco IOS
Robert Vandenbrink
Category: Tools
Posted: May 29, 2009
Check Them Out!
Consistently some of the best raining available. It is apparent that SANS updates their course content and SANS instructors are established experts in the field.
-Ryan Macfarlane, FBI
- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy