Take the SANS Digital Forensics Survey! Provide Your Expert Perspective and Enter to Win a $400 American Express Card. https://www.surveymonkey.com/s/2013SANSForensicsSurvey

Next-Generation Datacenters = Next-Generation Security

by Dave Shackleford

Sponsored by: McAfee

View PDF

Webcast - Analyst Webcast: Datacenter Virtualization from a Security Perspective

The Critical Security Controls:
What's NAC Got to Do with IT?

by G. Mark Hardy

Sponsored by: ForeScout

View PDF

Webcast - Analyst Webcast: NAC Applied to the Critical Security Controls

Implementing the Critical Security Controls

by Jim D. Hietala

Sponsored by: Tripwire

View PDF

Webcast - Analyst Webcast: Secure Configuration in Action (and How to Apply It)

Results of the SANS SCADA Security Survey

by Matthew E. Luallen

Sponsored by: ABB, Industrial Defender, and Splunk

View PDF

Webcast - Analyst Webcast: Results of the SANS SCADA Security Survey

SANS Survey on Application Security
Programs and Practices

by Jim Bird and Frank Kim

Sponsored by: NT Objectives, Inc, Qualys, White Hat Security and Veracode

View PDF

Webcast - Analyst Webcast: SANS Survey on Application Security Policies in Enterprises

Security Intelligence in Action:
A Review of LogRhythm's SIEM 2.0 Big Data Security Analytics Platform

by Dave Shackleford

Sponsored by: LogRhythm

View PDF

Webcast - Analyst Webcast: Security Intelligence in Action: A Review of LogRhythm's SIEM 2.0 Big Data Security Analytics Platform

What Is Your Mobile Content Policy?
A Checklist for Content Risk Mitigation

by Barbara Filkins

Sponsored by: SAP

View PDF

Webcast - Analyst Webcast: Secure Content Management in a Mobile Age

Blind as a Bat?
Supporting Packet Decryption for Security Scanning

by Dave Shackleford

Sponsored by: VSS Monitoring

View PDF

Webcast - Analyst Webcast: Blind as a Bat? Or Eagle Vision Into Encrypted Packets?

Why Deception Matters in Today's Web Attacks

by John Bumgarner

Sponsored by: Mykonos Software, a Juniper Networks Company

View PDF

Webcast - Analyst Webcast: Why Deception Matters in Today's Web Attacks

SANS Institute Product Review:
Self-Service Provisioning Made Simple: A Review of Oracle Identity Manager 11g R2

by Dave Shackleford

Sponsored by: Oracle

View PDF

SANS Survey on Mobility/BYOD Security Policies and Practices

by Kevin Johnson and Tony DeLaGrange

Sponsored by: Box, F5 Networks, McAfee, MobileIron, Oracle and RSA

View PDF

Webcast - Analyst Webcast: BYOD Security Wish Lists and Policies: Part I of the SANS Mobility Policy and Management Survey

Webcast - Analyst Webcast: BYOD Security Practices, Part II of the SANS Mobility Policy and Management Survey

Beyond Continuous Monitoring: Threat Modeling for Real-time Response

by G. Mark Hardy

Sponsored by: Symantec Corporation

View PDF

Webcast - Analyst Webcast: Beyond Continuous Monitoring: Threat Modeling for Real-time Response

Own Your Network with Continuous Monitoring

by Jerry Shenk

Sponsored by: Tripwire

View PDF

Webcast - Special Webcast: Own Your Own Network: Continuous Monitoring

Securing Data Center Servers: A Review of McAfee Data Center Security Suite Products

by Jim D. Hietala

Sponsored by: McAfee

View PDF

Webcast - Analyst Webcast: Data Center Server Security - A Review of McAfee's Solutions for Securing Physical and Virtualized Servers in the Data Center

Secure Configuration Management Demystified

by Dave Shackleford

Sponsored by: Tripwire

View PDF

Webcast - Analyst Webcast: Secure Configuration Management Demystified

Streamline Risk Management by Automating the SANS 20 Critical Security Controls

by James Tarala

Sponsored by: Bit9, FireEye and Sensage

View PDF

Webcast - Analyst Webcast: Streamline Risk Management With the SANS 20 Critical Security Controls

When Breaches Happen: Top Five Questions to Prepare For

by Dave Shackleford

Sponsored by: Solera Networks

View PDF

Webcast - Analyst Webcast: When Breaches Happen: 5 Questions to Prepare For

SANS Eighth Annual 2012 Log and Event Management Survey Results: Sorting Through the Noise

by Jerry Shenk

Sponsored by: HP Enterprise Security Products, LogLogic, LogRhythm, SenSage, Splunk, Tripwire and Trustwave

View PDF

Webcast - Analyst Webcast - May 01, 2012: Sorting Through the Noise: SANS 8th Log and Event Management Survey, Part I

Webcast - Analyst Webcast - May 03, 2012: Sorting Through the Noise: SANS 8th Log and Event Management Survey, Part II

Reducing Federal Systems Risk with the SANS 20 Critical Controls

by G. Mark Hardy

Sponsored by: Tripwire and Patriot Technologies

View PDF

Webcast - Analyst Webcast Reducing Systems Risk with the SANS 20 Critical Controls

SANS Institute Product Review: Demystifying External Authorization: Oracle Entitlements Server Product Review

by Tanya Baccam

Sponsored by: Oracle

View PDF

Webcast - Analyst Webcast: Demystifying External Authorization: Oracle Entitlements Server Review

SANS Mobility/BYOD Security Survey

by Kevin Johnson

Sponsored by: Bradford Networks, MobileIron, and HP Enterprise Security Products

View PDF

Webcast - Analyst Webcast: SANS Analyst Program Presents: SANS First Annual Mobile Security Survey

Privileged Password Sharing: "root" of All Evil

by J. Michael Butler

Sponsored by: Quest Software

View PDF

Webcast - Analyst Webcast: Privileged Password Sharing: Root of All Evil

Oracle Audit Vault

by Tanya Baccam

Sponsored by: Oracle

View PDF

NetIQ Sentinel 7 Review

by Jerry Shenk

Sponsored by: NetIQ

View PDF

Needle in a Haystack? Getting to Attribution in Control Systems

by Matthew E. Luallen

Sponsored by: LogRhythm, Splunk, Tripwire

View PDF

Webcast - Analyst Webcast: Needle in a Haystack? Getting to Attribution in Control Systems

Oracle Data Masking

by Tanya Baccam

Sponsored by: Oracle

View PDF

Webcast - Tool Talk Webcast: Secure Development and Test Environments with Oracle Data Masking

Oracle Advanced Security

by Tanya Baccam

Sponsored by: Oracle

View PDF

Webcast - Tool Talk Webcast: Transparent Data Encryption for Oracle Databases

Your Pad or Mine? Enabling Secure Personal and Mobile Device Use On Your Network

by Mark Kadrich

Sponsored by: ForeScout

View PDF

Webcast - Analyst Webcast: "Your Pad or Mine?" Enabling Personal and Mobile Device Use On the Network

Critical Control System Vulnerabilities Demonstrated - And What to Do About Them

by Matthew E. Luallen

Sponsored by: NitroSecurity

View PDF

Webcast - Analyst Webcast: Critical Control System Vulnerabilities Demonstrated - And What to Do About Them

SANS Institute Review: Oracle Database Vault

by Tanya Baccam

Sponsored by: Oracle

View PDF

Webcast - Tool Talk Webcast: Oracle Database Vault: Increasing Application and Data Security

APT Dot Gov: Protecting Federal Systems from Advanced Threats

by G. Mark Hardy

Sponsored by: F5 Networks

View PDF

Webcast - Analyst Webcast: Protecting Federal Systems from Persistent, Layered Threats

Adding Enterprise Access Management to Identity Management

by J. Michael Butler

Sponsored by: FoxT

View PDF

SANS Institute Review: Oracle Database Firewall (Part I of an Oracle Security Product Review Series)

by Tanya Baccam

Sponsored by: Oracle

View PDF

Webcast - Tool Talk Webcast: Oracle Database Firewall: Your First Line of Defense

Integrating Security into Development, No Pain Required

by Dave Shackleford

Sponsored by: IBM

View PDF

Webcast - Analyst Webcast: Integrating Security into Development, No Pain Required

Cloudy with a Chance of Better Health Care: Security and Compliance Fundamentals for Protecting e-Health Data

by Barbara Filkins

Sponsored by: ArcSight/H-P and Ping Identity

View PDF

Webcast - Analyst Webcast: Cloudy With a Chance of Better Healthcare: Security and Compliance Fundamentals for Healthcare Data in the Cloud

Optimized Network Monitoring for Real-World Threats

by Dave Shackleford

Sponsored by: VSS Monitoring

View PDF

Webcast - Analyst Webcast: Optimized Network Monitoring for Real-World Threats

Controlling Access, Authentication and Data on the End Point: A Review of DigitalPersona Pro 5.1 for Enterprises

by Jim D. Hietala

Sponsored by: DigitalPersona

View PDF

Webcast - Analyst Webcast: Protecting Access and Data: A Review of DigitalPersona Pro Version 5.1

Security of Applications: It Takes a Village

by Dave Shackleford

Sponsored by: Adobe Systems

View PDF

Webcast - Analyst Webcast: Security of Applications: It Takes a Village Featuring Dave Shackleford and Brad Arkin

Continuous Monitoring: What It Is, Why It Is Needed, and How to Use It

by E. Eugene Schultz, Ph.D.

Sponsored by: Tripwire

View PDF

Webcast - Analyst Webcast: Continuous Monitoring: What it is, Why it's needed, and How to Use it

Network Security: Theory Versus Practice

by James Tarala

Sponsored by: BreakingPoint

View PDF

Webcast - Analyst Webcast: Measuring Network Performance, Security and Stability Under Hostile Conditions: SANS Network Security Survey Results

SANS Seventh Annual Log Management Survey Report

by Jerry Shenk

Sponsored by: ArcSight, LogLogic, LogRhythm, Splunk, & Trustwave

View PDF

Webcast - Special Webcast: SANS 7th Annual Log Management Survey, Part I: More Logs, More Uses

Webcast - Special Webcast: SANS 7th Annual Log Management Survey, Part II: Users Want Better Log Data and More of It!

Extending Role Based Access Control

by J. Michael Butler

Sponsored by: FoxT

View PDF

Webcast - Analyst Webcast: Extensible Role-based Access Controls (XRBAC)

Implementing the 20 Critical Controls with Security Information and Event Management (SIEM) Systems

by James Tarala

Sponsored by: ArcSight

View PDF

Webcast - Analyst Webcast: Addressing the 20 Critical Security Controls with SIEM

Managing Insiders in Utility Control Environments

by Matthew E. Luallen

Sponsored by: ArcSight, Industrial Defender & Waterfall Security

View PDF

Webcast - Analyst Webcast: Managing Insiders (Contractors, Vendors, and Employees) in SCADA Environments

A Real-Time Approach to Continuous Monitoring

by James Tarala

Sponsored by: Netwitness & Splunk

View PDF

Webcast - Analyst Webcast: A Real-Time Approach to Continuous Monitoring

Compliance and Security Challenges with Remote Administration

by Dave Shackleford

Sponsored by: Netop

View PDF

Webcast - Analyst Webcast: Remote Administration and Security Compliance

Building a Better Bunker: Securing Energy Control Systems Against Terrorists and Cyberwarriors

by Jonathan Pollet

Sponsored by: McAfee & Nitro Security

View PDF

Webcast - Analyst Webcast: Building a Better Bunker: Securing Energy Control Systems Against Terrorists and Cyberwarriors

Enabling Social Networking Applications for Enterprise Usage

by Eric Cole, PhD

Sponsored by: Palo Alto Networks

View PDF

Webcast - Analyst Webcast: Taming the Social Network Beast

Sentinel Log Manager Review

by Jerry Shenk

Sponsored by: Novell

View PDF

PCI 2.0: What's New? What Matters? What's Left?

by Dave Hoelzer

Sponsored by: SecureWorks

View PDF

Webcast - Special Webcast: PCI 2.0: What's new? What's important? What's missing?

How to Choose a Qualified Security Assessor

by Dave Shackleford

Sponsored by: SecureWorks

View PDF

Webcast - Special Webcast: PCI 2.0: What's new? What's important? What's missing?

Transparent Data Encryption: New Technologies and Best Practices for Database Encryption

by Tanya Baccam

Sponsored by: Oracle

View PDF

Webcast - Transparent Data Encryption: New Technologies and Best Practices for Database Encryption

Cloud Security and Compliance: A Primer

by Dave Shackleford

Sponsored by: Catbird & McAfee

View PDF

Webcast - Analyst Webcast: A Primer to Compliance and Security in the Cloud

McAfee Total Protection for Server Review

by Dave Shackleford

Sponsored by: McAfee

View PDF

A Guide to Virtualization Hardening Guides

by Dave Shackleford

Sponsored by: VMWare

View PDF

Webcast - Industry Analysts Program - A Guide to Virtual Hardening Guides

SANS Log Management Survey: Mid-Sized Businesses Respond

by Jerry Shenk

Sponsored by: RSA

View PDF

Keys to the Kingdom: Monitoring Privileged User Actions for Security and Compliance

by Dave Shackleford

Sponsored by: LogRhythm

View PDF

Oracle Database Security: What to Look for and Where to Secure

by Tanya Baccam

Sponsored by: Oracle

View PDF

SANS Sixth Annual Log Management Survey Report

by Jerry Shenk

Sponsored by: ArcSight, LogLogic, NetForensics, Novell, RSA and Trustwave

View PDF

Webcast - SANS Sixth Annual Log Management Survey, Part I: More Log Data, More Uses

Webcast - SANS Sixth Annual Log Management Survey, Part II: Deriving More Value from More Data

Managing Operating System (OS) Lock Down

by Dave Shackleford

Sponsored by: Trusted Computer Solutions (TCS)

View PDF

Webcast - Automated Operating System Lockdown: Security Blanket 4.0 Review

Calculating TCO on Intrusion Prevention Technology

by Eugene E. Schultz, Ph.D.

Sponsored by: Sourcefire

View PDF

Webcast - Calculating TCO with Adaptive IPS

Smart Strategies for Securing Extranet Access

by Dave Shackleford

Sponsored by: Oracle

View PDF

Webcast - Smart Strategies for Securing Extranet Access

New Tools on the Bot War Front

by Jerry Shenk

Sponsored by: FireEye

View PDF

Webcast - New Tools on the Bot War Front Webcast Sponsored by FireEye

Making Database Security an IT Security Priority

by Tanya Baccam

Sponsored by: Oracle

View PDF

Webcast - Making Database Security an IT Security Priority Webcast Sponsored by Oracle

Securing a Smarter Grid: Risk Management in Power Utility Networks

by Matthew E. Luallen

Sponsored by: NitroSecurity

View PDF

Webcast - Protecting a Smarter Grid: Power Utility Security

Application Whitelisting: Enhancing Host Security

by Dave Shackleford

Sponsored by: McAfee

View PDF

Webcast - Application Whitelisting Webcast Sponsored by McAfee

IT Audit for the Virtual Environment

by J. Michael Butler and Rob Vandenbrink

Sponsored by: VMWare

View PDF

Webcast - IT Audit for the Virtual Environment Webcast

Top Virtualization Security Mistakes (and How to Avoid Them)

by Jim D. Hietala

Sponsored by: Catbird and McAfee

View PDF

Webcast - Catbird and McAfee Virtualization Webcast

Data Protection Requirements

by Barbara Filkins

Sponsored by: McAfee

View PDF

Data Protection Requirements Checklist

by Barbara Filkins

Sponsored by: McAfee

View PDF

SANS Review: McAfee's Total Protection for Data

by Dave Shackleford

Sponsored by: McAfee

View PDF

SANS Annual 2009 Log Management Survey

by Jerry Shenk

Sponsored by: ArcSight, Intellitactics, and Loglogic

View PDF

Benchmarking Security Information Event Management (SIEM)

by J. Michael Butler

Sponsored by: NitroSecurity

View PDF

ArcSight Logger Review

by Jerry Shenk

Sponsored by: ArcSight

View PDF

Spanish Translation: EspañolView PDF

Real-Time Adaptive Security

by Dave Shackleford

Sponsored by: Sourcefire

View PDF

Log Management in the Cloud: A Comparison of In-House versus Cloud-Based Management of Log Data

by Jerry Shenk

Sponsored by: Alert Logic

View PDF

Demanding More from Log Management Systems

by Jerry Shenk

Sponsored by: LogLogic

View PDF

Monitoring Security and Performance on Converged Traffic Networks

by SANS Analyst, Dave Shackleford

Sponsored by: NIKSUN

View PDF

Leveraging Event and Log Data for Security and Compliance

by SANS Analyst, Dave Shackleford

Sponsored by: Intellitactics

View PDF

Data Leakage Landscape: Where Data Leaks and How Next Generation Tools Apply

by SANS Analyst, Barbara Filkins and Deb Radcliff

Sponsored by: Utimaco and Trend Micro

View PDF

The SANS Database Audit and Compliance Survey

by SANS Analyst, Barbara Filkins

Sponsored by: Lumigent

View PDF

NetDetector/NetVCR 2005 Traffic Analyzer

By Jerry Shenk

Sponsored by: NIKSUN

View PDF

Regulations and Standards: Where Encryption Applies

By Dave Shackleford

Sponsored by: Utimaco Safeware

View PDF

Building Brick Houses: Applying Secure Lifecycle Practices to Web Applications

By Gary W. Longsine and Jonathan Ham

Sponsored by: Watchfire

View PDF

Hardware Versus Software: A Usability Comparison of Software-Based Encryption with Seagate Secure™ Hardware-Based Encryption

By J.D. Hietala

Sponsored by: Seagate

Edited May, 2008

View PDF

Correlating SIM information to Detect Insider Threats

By Dr. Eric Cole

Sponsored by: SenSage

View PDF

Using Security Information Management Systems for PCI Compliance

By Dave Shackleford

Sponsored by: SenSage

View PDF

Encryption Procurement: Setting a Standard

By Stephen Northcutt and Barbara Filkins

Sponsored by: Utimaco

View PDF

The SANS 2007 Log Management Market Report

By Jerry Shenk

Sponsored by: LogLogic

View PDF

Building the Business Case for Log Management Intelligence (LMI) - November 2006

By Steve Mancini and Jerry Shenk

Sponsored by: LogLogic

View PDF

Penetration testing: Assessing Your Overall Security Before Attackers Do - June 2006

By Stephen Northcutt, Jerry Shenk, Dave Shackleford, Tim Rosenberg, Raul Siles and Steve Mancini

Sponsored by: CORE Impact

View PDF

The Log Management Industry: An Untapped Market - June 2006

By Stephen Northcutt, Jerry Shenk & Dave Shackleford

Sponsored by: LogLogic

View PDF

PowerBroker vs. Sudo - February 2006

By Jerry Shenk & Steve Mancini

Sponsored by: Symark

View PDF