More than 75,000 unique visitors read papers in the Reading Room every month and it has become the starting point for exploration of topics ranging from SCADA to wireless security, from firewalls to intrusion detection. The SANS Reading Room features over 2,180 original computer security white papers in 82 different categories.
Latest 25 Papers Added to the Reading Room
by Robert Peter Sorensen - July 8, 2014 in Risk Management
Risk Management has evolved just like many other aspects of IT Security.
Incident Response in a Microsoft SQL Server Environment
by Juan Walker - July 3, 2014 in Application and Database Security
Incident Response in a Microsoft SQL Server environment starts with planning and requires the Intelligence approach.
Wireshark: A Guide to Color My Packets
by Roy Cheok - July 3, 2014 in Intrusion Detection
Incident Responders investigating technology-facilitated crime in an unfamiliar or even non-homogenous network environment can be given access to raw packet trace files.
Web Application Penetration Testing for PCI
by Michael Hoehl - June 26, 2014 in Penetration Testing
The Verizon 2014 Data Breach Investigations Report reported 3,937 total web application related incidents, with 490 confirmed unauthorized data disclosures (Verizon, 2014).
Designing and Implementing a Honeypot for a SCADA Network
by Charles Scott - June 20, 2014 in Intrusion Detection
This paper is based on a facilities network filled with Supervisory Control and Data Acquisition (SCADA)-type devices, controlling and monitoring everything from elevators, to pumps, to generators, to smart meters, to building access control systems.
Advanced Network Protection with McAfee Next Generation Firewall
by Dave Shackleford - June 19, 2014 in Firewalls & Perimeter Protection
- Associated Webcasts: Analyst Webcast: Advanced Network Protection with McAfee Next Generation Firewall
- Sponsored By: McAfee, a division of Intel Security
A review of McAfee Next Generation Firewall by SANS Analyst and Senior Instructor Dave Shackleford. It explores a number of the product's capabilities, including clustering and redundancy, numerous varieties of VPN access, policy options and features such as end-user identification and advanced anti-evasion tools.
Higher Education: Open and Secure?
by Randy Marchany - June 16, 2014
Practical Threat Management and Incident Response for the Small- to Medium-Sized Enterprises
by Jacob Williams - June 12, 2014
- Associated Webcasts: Practical Threat Management and Incident Response for the Small- to Medium-Sized Enterprise
- Sponsored By: AlienVault
If you work in a small- to medium-sized enterprise (SME), you know how challenging securing your technology assets can be.
A guide to leading and motivating highly driven professionals
by George Khalil - June 6, 2014 in Project Management
A project is defined as "a temporary endeavor undertaken to create a unique product, service or result."
Securing Aviation Avionics
by Marc Panet-Raymond - June 3, 2014 in Incident Handling
For the safety of the flying public, the majority of security research does not directly target the primary flight instruments
A Journey into Litecoin Forensic Artifacts
by Daniel Piggott - June 3, 2014 in Forensics
Litecoin is a virtual peer-to-peer currency.
An Opportunity In Crisis
by Harshit Nayyar - June 3, 2014 in Threats/Vulnerabilities
As the cliche saying goes, 'The Chinese word for Crisis contains a symbol for Opportunity'.
Security Analytics: having fun with Splunk and a packet capture file (pcap)
by Alexandre Teixeira - May 30, 2014 in Intrusion Detection
Security Analytics is one of the most discussed topics within the Information Security (IS) industry, especially when combined with another buzzword such as Big Data.
Intrusion Analysis Using Windows PowerShell
by Michael Weeks - May 30, 2014 in Intrusion Detection
Microsoft during the late 90s and through the turn of the millennium was not held in high regard in terms of security.
iPwn Apps: Pentesting iOS Applications
by Adam Kliarsky - May 12, 2014 in Penetration Testing
The growth of mobile device usage in both personal and professional environments continues to grow.
Cybersecurity Professional Trends: A SANS Survey
Advisors: John Pescatore, Barb Filkins, Tracy Lenzner and SANS GIAC - May 8, 2014 in Security Trends
- Associated Webcasts: SANS 2014 Salary Survey: The State of Security Professionals Today
- Sponsored By: Arbor Networks
Survey results on evolving roles of security professionals worldwide, including new roles, titles, managerial functions, and existing and planned certifications broken out by industry and geography.
SAMHAIN: Host Based Intrusion Detection via File Integrity Monitoring
by Martinus Nel - May 6, 2014 in Intrusion Detection
This paper will focus on the installation and configuration of Samhain in a client / server architecture with some specific compile and runtime options explored.
Automation of Report and Timeline-file based file and URL analysis
by Florian Eichelberger - May 6, 2014 in Forensics
The proposed solution tries to lessen the burden of manually processing timeline-based logfiles and automating the classification of both files and URLs.
Incident Handling Annual Testing and Training
by Kurtis Holland - April 29, 2014 in Incident Handling
Cybercrimes and the annual costs incurred by business are on the rise year over year.
Combining Security Intelligence and the Critical Security Controls: A Review of LogRhythm's SIEM Platform
by Dave Shackleford - April 23, 2014 in Logging Technology and Techniques
- Associated Webcasts: SIEM, Security Intelligence and the Critical Security Controls
- Sponsored By: LogRhythm
Review of LogRhythm's security information and event management (SIEM) platform with new security intelligence features built in for compliance.
2014 Trends That Will Reshape Organizational Security
by John Pescatore - April 22, 2014 in Security Trends
- Associated Webcasts: The 2014 Security Trends Forecast: What Does 2014 Hold for Security and Its Impact on Business Professionals?
- Sponsored By: Sourcefire, now a part of Cisco
Information for security managers to facilitate focusing their investments on the areas that are most likely to impact their organizations and customers over the next several years.
Skype and Data Exfiltration
by Kenneth Hartman - April 21, 2014 in Covert Channels
Few software packages have been as controversial, yet as ubiquitous as Skype.
Rootkit Detection with OSSEC
by Sally Vandeven - April 16, 2014 in Intrusion Detection
Most malware consists of a malicious application that gets installed on a victim's computer.
The Hacker Always Gets Through
by TJ O'Connor - April 15, 2014 in Hackers
In early 2010, security analysts started noticing something really interesting.
Windows ShellBags Forensics in Depth
by Vincent Lo - April 14, 2014 in Forensics
Microsoft Windows records the view preferences of folders and Desktop.
All papers are copyrighted. No re-posting or distribution of papers is permitted.