SANS Information Security Reading Room
25 Computer Security Papers added to the Reading Room

Airwatch MDM and Android: a policy and technical review
surprisingly, mobile devices are an increasingly important part of the topology of how people access business data.
Thu, 21 Aug 2014 00:00:00 +0000

H.O.T. | Security
information security industry will continue to grow in size, density and specialization (Tipton, 2010). The demand for qualified security professionals who possess relevant knowledge and required skills is growing and will increase substantially (Miller, 2012) (Suby, 2013).
Thu, 21 Aug 2014 00:00:00 +0000

Under Threat or Compromise - Every Detail Counts
This paper outlines five major components of a life-cycle approach to defense and how companies can adopt this model to maximize security in the current threat landscape.
Wed, 20 Aug 2014 00:00:00 +0000

Beyond the cookie: Using network traffic characteristics to enhance confidence in user identity
history, authenticating to a computer system was simple: the user provided credentials, the system checked the credentials against a trusted source, and the system permitted or denied access to a protected resource.
Tue, 19 Aug 2014 00:00:00 +0000

Small devices needs a large Firewall
Alto Networks (PAN) next-generation firewall encapsulates a full line of products.
Mon, 18 Aug 2014 00:00:00 +0000

Point of Sale (POS) Systems and Security
Dr. Eric Cole (2014) mentioned in a recent SANS SEC401: Security Essentials Bootcamp Style course, "will be the year of the retailer".
Mon, 18 Aug 2014 00:00:00 +0000

Botnet Tracking Tools
are a serious threat to internet security.
Thu, 14 Aug 2014 00:00:00 +0000

Are there novel ways to mitigate credential theft attacks in Windows?
a single system is compromised by a determined attacker in a Windows environment, the attacker often tries to move laterally through the environment and escalate his privileges, potentially resulting in compromise of additional systems, up to the entire domain or forest.
Wed, 13 Aug 2014 00:00:00 +0000

Incident Response: How to Fight Back
A spate of high-profile security breaches and attacks means that security practitioners find themselves thinking a lot about incident response. A new SANS incident response survey explores how practitioners are dealing with these numerous incidents and provides insight into incident response plans, attack histories, where organizations should focus their response efforts, and how to put all of the pieces together.
Wed, 13 Aug 2014 00:00:00 +0000

Its 10PM...Do you know where your cloud is?
the time that Dr. Gordon Moore, the legendary founder of Intel postulated his theory that the number of transistors on an integrated circuit would double approximately every two years, the far off 21st century always seemed to hold the promise of flying cars and robotics making individual's lives easier.
Mon, 11 Aug 2014 00:00:00 +0000

Implementing an Information Assurance Awareness Program: A case study for the Twenty Critical Security Controls at Consulting Firm X for IT Personnel
a consultant within a large, growing, high-profile consulting firm, this challenge is interesting in terms of preventing potential future cyber-attacks.
Thu, 07 Aug 2014 00:00:00 +0000

IDS: File Integrity Checking
file integrity checking application is a host-based intrusion detection software.
Thu, 07 Aug 2014 00:00:00 +0000

Continuous Diagnostics and Mitigation : Making it Work
Security professionals in federal, state and local agencies face many unique challenges in protecting critical systems and information. The CDM program has tremendous potential for both increasing the security levels at those agencies and reducing the cost of demonstrating compliance. However, to be successful, the program must address the following: lack of awareness, low inspector general awareness and lack of information on how to use the program. For use of the program to result in better security, additional staffing and skills are needed, as are success stories to guide organizations attempting to implement CDM.
Wed, 06 Aug 2014 00:00:00 +0000

Protect Critical Infrastructure Systems With Whitelisting
there tends to be a misunderstanding regarding the operational aspect of critical infrastructure systems.
Tue, 05 Aug 2014 00:00:00 +0000

The Maturation of Controls Self - Assessments
topic is appropriate for the Global Security Leadership Certification because it provides IT leaders with practical information and historical references.
Thu, 31 Jul 2014 00:00:00 +0000

Killing Advanced Threats in Their Tracks: An Intelligent Approach to Attack Prevention
All attacks follow certain stages. By observing those stages during an attack progression and then creating immediate protections to block those attack methods, organizations can achieve a level of closed-loop intelligence that can block and protect across this attack kill chain. This paper explains the many steps in the kill chain, along with how to detect unknown attacks by integrating intelligence into sensors and management consoles.
Tue, 29 Jul 2014 00:00:00 +0000

Building an Application Vulnerability Management Program
years, attackers have assailed network and system level vulnerabilities, fueling demand for products like firewalls and network vulnerability scanners.
Mon, 28 Jul 2014 00:00:00 +0000

Digital Certificate Revocation
communication on the Internet is built around the trust of digital certificates.
Thu, 24 Jul 2014 00:00:00 +0000

Risky Business
Management has evolved just like many other aspects of IT Security.
Tue, 08 Jul 2014 00:00:00 +0000

Incident Response in a Microsoft SQL Server Environment
Response in a Microsoft SQL Server environment starts with planning and requires the Intelligence approach.
Thu, 03 Jul 2014 00:00:00 +0000

Wireshark: A Guide to Color My Packets
Responders investigating technology-facilitated crime in an unfamiliar or even non-homogenous network environment can be given access to raw packet trace files.
Thu, 03 Jul 2014 00:00:00 +0000

Web Application Penetration Testing for PCI
Verizon 2014 Data Breach Investigations Report reported 3,937 total web application related incidents, with 490 confirmed unauthorized data disclosures (Verizon, 2014).
Thu, 26 Jun 2014 00:00:00 +0000

Designing and Implementing a Honeypot for a SCADA Network
paper is based on a facilities network filled with Supervisory Control and Data Acquisition (SCADA)-type devices, controlling and monitoring everything from elevators, to pumps, to generators, to smart meters, to building access control systems.
Fri, 20 Jun 2014 00:00:00 +0000

Advanced Network Protection with McAfee Next Generation Firewall
A review of McAfee Next Generation Firewall by SANS Analyst and Senior Instructor Dave Shackleford. It explores a number of the product's capabilities, including clustering and redundancy, numerous varieties of VPN access, policy options and features such as end-user identification and advanced anti-evasion tools.
Thu, 19 Jun 2014 00:00:00 +0000

Higher Education: Open and Secure?
16 Jun 2014 00:00:00 +0000