SANS Information Security Reading Room
http://www.sans.org/reading-room/
Last 25 Computer Security Papers added to the Reading Room

Digital Certificate Revocation
https://www.sans.org/reading-room/whitepapers/certificates/digital-certificate-revocation-35292
Secure communication on the Internet is built around the trust of digital certificates.
Thu, 24 Jul 2014 00:00:00 +0000

Risky Business
https://www.sans.org/reading-room/whitepapers/riskmanagement/risky-business-35287
Risk Management has evolved just like many other aspects of IT Security.
Tue, 08 Jul 2014 00:00:00 +0000

Incident Response in a Microsoft SQL Server Environment
https://www.sans.org/reading-room/whitepapers/application/incident-response-microsoft-sql-server-environment-35267
Incident Response in a Microsoft SQL Server environment starts with planning and requires the Intelligence approach.
Thu, 03 Jul 2014 00:00:00 +0000

Wireshark: A Guide to Color My Packets
https://www.sans.org/reading-room/whitepapers/detection/wireshark-guide-color-packets-35272
Incident Responders investigating technology-facilitated crime in an unfamiliar or even non-homogenous network environment can be given access to raw packet trace files.
Thu, 03 Jul 2014 00:00:00 +0000

Web Application Penetration Testing for PCI
https://www.sans.org/reading-room/whitepapers/testing/web-application-penetration-testing-pci-35262
The Verizon 2014 Data Breach Investigations Report reported 3,937 total web application related incidents, with 490 confirmed unauthorized data disclosures (Verizon, 2014).
Thu, 26 Jun 2014 00:00:00 +0000

Designing and Implementing a Honeypot for a SCADA Network
https://www.sans.org/reading-room/whitepapers/detection/designing-implementing-honeypot-scada-network-35252
This paper is based on a facilities network filled with Supervisory Control and Data Acquisition (SCADA)-type devices, controlling and monitoring everything from elevators, to pumps, to generators, to smart meters, to building access control systems.
Fri, 20 Jun 2014 00:00:00 +0000

Advanced Network Protection with McAfee Next Generation Firewall
https://www.sans.org/reading-room/whitepapers/analyst,firewalls/advanced-network-protection-mcafee-generation-firewall-35250
A review of McAfee Next Generation Firewall by SANS Analyst and Senior Instructor Dave Shackleford. It explores a number of the product's capabilities, including clustering and redundancy, numerous varieties of VPN access, policy options and features such as end-user identification and advanced anti-evasion tools
Thu, 19 Jun 2014 00:00:00 +0000

Higher Education: Open and Secure?
https://www.sans.org/reading-room/whitepapers/analyst/higher-education-open-secure-35240
Mon, 16 Jun 2014 00:00:00 +0000

Practical Threat Management and Incident Response for the Small- to Medium-Sized Enterprises
https://www.sans.org/reading-room/whitepapers/analyst/practical-threat-management-incident-response-small-medium-sized-enterprises-35257
If you work in a small- to medium-sized enterprise (SME), you know how challenging securing your technology assets can be.
Thu, 12 Jun 2014 00:00:00 +0000

A guide to leading and motivating highly driven professionals
https://www.sans.org/reading-room/whitepapers/projectmanagement/guide-leading-motivating-highly-driven-professionals-34605
A project is defined as "a temporary endeavor undertaken to create a unique product, service or result."
Fri, 06 Jun 2014 00:00:00 +0000

Securing Aviation Avionics
https://www.sans.org/reading-room/whitepapers/incident/securing-aviation-avionics-34590
For the safety of the flying public, the majority of security research does not directly target the primary flight instruments
Tue, 03 Jun 2014 00:00:00 +0000

A Journey into Litecoin Forensic Artifacts
https://www.sans.org/reading-room/whitepapers/forensics/journey-litecoin-forensic-artifacts-34595
Litecoin is a virtual peer-to-peer currency.
Tue, 03 Jun 2014 00:00:00 +0000

An Opportunity In Crisis
https://www.sans.org/reading-room/whitepapers/threats/opportunity-crisis-34600
As the cliche saying goes, 'The Chinese word for Crisis contains a symbol for Opportunity'.
Tue, 03 Jun 2014 00:00:00 +0000

Security Analytics: having fun with Splunk and a packet capture file (pcap)
https://www.sans.org/reading-room/whitepapers/detection/security-analytics-fun-splunk-packet-capture-file-pcap-34580
Security Analytics is one of the most discussed topics within the Information Security (IS) industry, especially when combined with another buzzword such as Big Data.
Fri, 30 May 2014 00:00:00 +0000

Intrusion Analysis Using Windows PowerShell
https://www.sans.org/reading-room/whitepapers/detection/intrusion-analysis-windows-powershell-34585
Microsoft during the late 90s and through the turn of the millennium was not held in high regard in terms to security.
Fri, 30 May 2014 00:00:00 +0000

iPwn Apps: Pentesting iOS Applications
https://www.sans.org/reading-room/whitepapers/testing/ipwn-apps-pentesting-ios-applications-34577
The growth of mobile device usage in both personal and professional environments continues to grow.
Mon, 12 May 2014 00:00:00 +0000

Cybersecurity Professional Trends: A SANS Survey
https://www.sans.org/reading-room/whitepapers/analyst,securitytrends/cybersecurity-professional-trends-survey-34615
Survey results on evolving roles of security professionals worldwide, including new roles, titles, managerial functions, and existing and planned certifications broken out by industry and geography.
Thu, 08 May 2014 00:00:00 +0000

SAMHAIN: Host Based Intrusion Detection via File Integrity Monitoring
https://www.sans.org/reading-room/whitepapers/detection/samhain-host-based-intrusion-detection-file-integrity-monitoring-34567
This paper will focus on the installation and configuration of Samhain in a client / server architecture with some specific compile and runtime options explored.
Tue, 06 May 2014 00:00:00 +0000

Automation of Report and Timeline-file based file and URL analysis
https://www.sans.org/reading-room/whitepapers/forensics/automation-report-timeline-file-based-file-url-analysis-34572
The proposed solution tries to lessen the burden of manually processing timeline-based logfiles and automating the classification of both files and URLs.
Tue, 06 May 2014 00:00:00 +0000

Incident Handling Annual Testing and Training
https://www.sans.org/reading-room/whitepapers/incident/incident-handling-annual-testing-training-34565
Cybercrimes and the annual costs incurred by business are on the rise year over year.
Tue, 29 Apr 2014 00:00:00 +0000

Combining Security Intelligence and the Critical Security Controls: A Review of LogRhythm's SIEM Platform
https://www.sans.org/reading-room/whitepapers/analyst,logging/combining-security-intelligence-critical-security-controls-review-logrhythm-039-s-si-34610
Review of LogRhythm’s security information and event management (SIEM) platform with new security intelligence features built in for compliance.
Wed, 23 Apr 2014 00:00:00 +0000

2014 Trends That Will Reshape Organizational Security
https://www.sans.org/reading-room/whitepapers/analyst,securitytrends/2014-trends-reshape-organizational-security-34625
Information for security managers to facilitate focusing their investments on the areas that are mostly likely to impact their organizations and customers over the next several years.
Tue, 22 Apr 2014 00:00:00 +0000

Skype and Data Exfiltration
https://www.sans.org/reading-room/whitepapers/covert/skype-data-exfiltration-34560
Few software packages have been as controversial, yet as ubiquitous as Skype.
Mon, 21 Apr 2014 00:00:00 +0000

Rootkit Detection with OSSEC
https://www.sans.org/reading-room/whitepapers/detection/rootkit-detection-ossec-34555
Most malware consists of a malicious application that gets installed on a victim’s computer.
Wed, 16 Apr 2014 00:00:00 +0000

The Hacker Always Gets Through
https://www.sans.org/reading-room/whitepapers/hackers/hacker-34550
In early 2010, security analysts started noticing something really interesting.
Tue, 15 Apr 2014 00:00:00 +0000