Featuring 8 Papers as of June 17, 2014
The Security Onion Cloud Client Network Security Monitoring for the Cloud
by Joshua Brower - September 17, 2013
Network Security Monitoring (NSM) is the "collection, analysis, and escalation of indications and warnings to detect and respond to intrusions."
Simplifying Cloud Access Without Sacrificing Corporate Control: A Review of McAfees Integrated Web and Identity Solutions
by Dave Shackleford - August 21, 2013
- Associated Webcasts: Managing Identities in the Cloud Without Sacrificing Corporate Control: A Review of McAfee
- Sponsored By: McAfee, a division of Intel Security
Review of McAfee Web Gateway version 7.3, McAfee Cloud Single Sign On (CSSO) version 4.0 and McAfee One Time Password version 4.0, with Pledge Software Token (Pledge) version 2.0.
An Introduction To Securing a Cloud Environment
by Todd Steiner - November 27, 2012
As government and private industry budgets continue to shrink, executives are plotting new strategies to become more efficient and cost effective.
Diskless Cluster Computing: Security Benefit of oneSIS and Git
by Aron Warren - April 16, 2012
This paper introduces the joining of two software packages, oneSIS and Git. Each package by itself is meant to tackle only a certain class of problem.
Cloud Computing - Maze in the Haze
by Godha Iyengar - October 18, 2011
In recent days, Cloud Computing has become a great topic of debate in the IT field. Clouds, like solar panels, appear intriguingly simple at first but the details turn out to be more complex than simple pictures and schematics suggest.
Following Incidents into the Cloud
by Jeff Reed - March 1, 2011
The availability and use of cloud computing continues to grow. Discussions of and references to its benefits and issues grow at a similar pace. As it continues to move from a sort of SOA of the Wild West into the mainstream, more companies will face the myriad questions arising from its use. When, why, where and how should integration with the cloud occur? How can one be certain that a cloud provider will survive through an organizations technology integration lifecycle?
Cloud Security and Compliance: A Primer
by Dave Shackleford - August 6, 2010
A quick guide to cloud computing that address areas of mobility and multi-tenancy, identity and access management, data protection and incident response and assessment.
A Guide to Virtualization Hardening Guides
by Dave Shackleford - May 20, 2010
- Sponsored By: VMWare, Inc
A guide to the virtualization hardening guides that includes key conﬁguration and system security settings for VMware ESX and vSphere/Virtual Infrastructure with key control areas organizations need to consider.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.