Security Training
Security Certification
Cyber Security Graduate School
Internet Storm Center
Security Awareness Training
Computer Forensics
Penetration Testing
IT Audit
Software Security
About SANS Analyst Program
SANS Analysts perform research to identify trends in the IT, IT Security, Operations and IT Audit markets, with access to resources unparalleled anywhere else: The Internet Storm Center for latest in threat information; the GIAC Advisory board of more than 2000 experts with scores of 90 or above on certification exams; and the MGT 512 Alumni on issues and concerns that impact management. If you are interested in learning more, please contact vendor@sans.org.
Featuring 93 Papers as of May, 2013
- Security Intelligence in Action:
SANS Review of McAfee Enterprise Security Manager (ESM) 9.2 - by Dave Shackleford
- Sponsored by: McAfee
- View PDF
- Webcast - Analyst Webcast: Advanced Intelligence in Action: Review of McAfee Enterprise Security Manager 9.2
- Next-Generation Datacenters = Next-Generation Security
- by Dave Shackleford
- Sponsored by: McAfee
- View PDF
- Webcast - Analyst Webcast: Datacenter Virtualization from a Security Perspective
- The Critical Security Controls:
What's NAC Got to Do with IT? - by G. Mark Hardy
- Sponsored by: ForeScout
- View PDF
- Webcast - Analyst Webcast: NAC Applied to the Critical Security Controls
- Implementing the Critical Security Controls
- by Jim D. Hietala
- Sponsored by: Tripwire
- View PDF
- Webcast - Analyst Webcast: Secure Configuration in Action (and How to Apply It)
- Results of the SANS SCADA Security Survey
- by Matthew E. Luallen
- Sponsored by: ABB, Industrial Defender, and Splunk
- View PDF
- Webcast - Analyst Webcast: Results of the SANS SCADA Security Survey
- SANS Survey on Application Security
Programs and Practices - by Jim Bird and Frank Kim
- Sponsored by: NT Objectives, Inc, Qualys, White Hat Security and Veracode
- View PDF
- Webcast - Analyst Webcast: SANS Survey on Application Security Policies in Enterprises
- Security Intelligence in Action:
A Review of LogRhythm's SIEM 2.0 Big Data Security Analytics Platform - by Dave Shackleford
- Sponsored by: LogRhythm
- View PDF
- Webcast - Analyst Webcast: Security Intelligence in Action: A Review of LogRhythm's SIEM 2.0 Big Data Security Analytics Platform
- What Is Your Mobile Content Policy?
A Checklist for Content Risk Mitigation - by Barbara Filkins
- Sponsored by: SAP
- View PDF
- Webcast - Analyst Webcast: Secure Content Management in a Mobile Age
- Blind as a Bat?
Supporting Packet Decryption for Security Scanning - by Dave Shackleford
- Sponsored by: VSS Monitoring
- View PDF
- Webcast - Analyst Webcast: Blind as a Bat? Or Eagle Vision Into Encrypted Packets?
- Why Deception Matters in Today's Web Attacks
- by John Bumgarner
- Sponsored by: Mykonos Software, a Juniper Networks Company
- View PDF
- Webcast - Analyst Webcast: Why Deception Matters in Today's Web Attacks
- SANS Institute Product Review:
Self-Service Provisioning Made Simple: A Review of Oracle Identity Manager 11g R2 - by Dave Shackleford
- Sponsored by: Oracle
- View PDF
- SANS Survey on Mobility/BYOD Security Policies and Practices
- by Kevin Johnson and Tony DeLaGrange
- Sponsored by: Box, F5 Networks, McAfee, MobileIron, Oracle and RSA
- View PDF
- Webcast - Analyst Webcast: BYOD Security Wish Lists and Policies: Part I of the SANS Mobility Policy and Management Survey
- Webcast - Analyst Webcast: BYOD Security Practices, Part II of the SANS Mobility Policy and Management Survey
- Beyond Continuous Monitoring: Threat Modeling for Real-time Response
- by G. Mark Hardy
- Sponsored by: Symantec Corporation
- View PDF
- Webcast - Analyst Webcast: Beyond Continuous Monitoring: Threat Modeling for Real-time Response
- Own Your Network with Continuous Monitoring
- by Jerry Shenk
- Sponsored by: Tripwire
- View PDF
- Webcast - Special Webcast: Own Your Own Network: Continuous Monitoring
- Securing Data Center Servers: A Review of McAfee Data Center Security Suite Products
- by Jim D. Hietala
- Sponsored by: McAfee
- View PDF
- Webcast - Analyst Webcast: Data Center Server Security - A Review of McAfee's Solutions for Securing Physical and Virtualized Servers in the Data Center
- Secure Configuration Management Demystified
- by Dave Shackleford
- Sponsored by: Tripwire
- View PDF
- Webcast - Analyst Webcast: Secure Configuration Management Demystified
- Streamline Risk Management by Automating the SANS 20 Critical Security Controls
- by James Tarala
- Sponsored by: Bit9, FireEye and Sensage
- View PDF
- Webcast - Analyst Webcast: Streamline Risk Management With the SANS 20 Critical Security Controls
- When Breaches Happen: Top Five Questions to Prepare For
- by Dave Shackleford
- Sponsored by: Solera Networks
- View PDF
- Webcast - Analyst Webcast: When Breaches Happen: 5 Questions to Prepare For
- SANS Eighth Annual 2012 Log and Event Management Survey Results: Sorting Through the Noise
- by Jerry Shenk
- Sponsored by: HP Enterprise Security Products, LogLogic, LogRhythm, SenSage, Splunk, Tripwire and Trustwave
- View PDF
- Webcast - Analyst Webcast - May 01, 2012: Sorting Through the Noise: SANS 8th Log and Event Management Survey, Part I
- Webcast - Analyst Webcast - May 03, 2012: Sorting Through the Noise: SANS 8th Log and Event Management Survey, Part II
- Reducing Federal Systems Risk with the SANS 20 Critical Controls
- by G. Mark Hardy
- Sponsored by: Tripwire and Patriot Technologies
- View PDF
- Webcast - Analyst Webcast Reducing Systems Risk with the SANS 20 Critical Controls
- SANS Institute Product Review: Demystifying External Authorization: Oracle Entitlements Server Product Review
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- Webcast - Analyst Webcast: Demystifying External Authorization: Oracle Entitlements Server Review
- SANS Mobility/BYOD Security Survey
- by Kevin Johnson
- Sponsored by: Bradford Networks, MobileIron, and HP Enterprise Security Products
- View PDF
- Webcast - Analyst Webcast: SANS Analyst Program Presents: SANS First Annual Mobile Security Survey
- Privileged Password Sharing: "root" of All Evil
- by J. Michael Butler
- Sponsored by: Quest Software
- View PDF
- Webcast - Analyst Webcast: Privileged Password Sharing: Root of All Evil
- Oracle Audit Vault
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- NetIQ Sentinel 7 Review
- by Jerry Shenk
- Sponsored by: NetIQ
- View PDF
- Needle in a Haystack? Getting to Attribution in Control Systems
- by Matthew E. Luallen
- Sponsored by: LogRhythm, Splunk, Tripwire
- View PDF
- Webcast - Analyst Webcast: Needle in a Haystack? Getting to Attribution in Control Systems
- Oracle Data Masking
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- Webcast - Tool Talk Webcast: Secure Development and Test Environments with Oracle Data Masking
- Oracle Advanced Security
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- Webcast - Tool Talk Webcast: Transparent Data Encryption for Oracle Databases
- Your Pad or Mine? Enabling Secure Personal and Mobile Device Use On Your Network
- by Mark Kadrich
- Sponsored by: ForeScout
- View PDF
- Webcast - Analyst Webcast: "Your Pad or Mine?" Enabling Personal and Mobile Device Use On the Network
- Critical Control System Vulnerabilities Demonstrated - And What to Do About Them
- by Matthew E. Luallen
- Sponsored by: NitroSecurity
- View PDF
- Webcast - Analyst Webcast: Critical Control System Vulnerabilities Demonstrated - And What to Do About Them
- SANS Institute Review: Oracle Database Vault
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- Webcast - Tool Talk Webcast: Oracle Database Vault: Increasing Application and Data Security
- APT Dot Gov: Protecting Federal Systems from Advanced Threats
- by G. Mark Hardy
- Sponsored by: F5 Networks
- View PDF
- Webcast - Analyst Webcast: Protecting Federal Systems from Persistent, Layered Threats
- Adding Enterprise Access Management to Identity Management
- by J. Michael Butler
- Sponsored by: FoxT
- View PDF
- SANS Institute Review: Oracle Database Firewall (Part I of an Oracle Security Product Review Series)
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- Webcast - Tool Talk Webcast: Oracle Database Firewall: Your First Line of Defense
- Integrating Security into Development, No Pain Required
- by Dave Shackleford
- Sponsored by: IBM
- View PDF
- Webcast - Analyst Webcast: Integrating Security into Development, No Pain Required
- Cloudy with a Chance of Better Health Care: Security and Compliance Fundamentals for Protecting e-Health Data
- by Barbara Filkins
- Sponsored by: ArcSight/H-P and Ping Identity
- View PDF
- Webcast - Analyst Webcast: Cloudy With a Chance of Better Healthcare: Security and Compliance Fundamentals for Healthcare Data in the Cloud
- Optimized Network Monitoring for Real-World Threats
- by Dave Shackleford
- Sponsored by: VSS Monitoring
- View PDF
- Webcast - Analyst Webcast: Optimized Network Monitoring for Real-World Threats
- Controlling Access, Authentication and Data on the End Point: A Review of DigitalPersona Pro 5.1 for Enterprises
- by Jim D. Hietala
- Sponsored by: DigitalPersona
- View PDF
- Webcast - Analyst Webcast: Protecting Access and Data: A Review of DigitalPersona Pro Version 5.1
- Security of Applications: It Takes a Village
- by Dave Shackleford
- Sponsored by: Adobe Systems
- View PDF
- Webcast - Analyst Webcast: Security of Applications: It Takes a Village Featuring Dave Shackleford and Brad Arkin
- Continuous Monitoring: What It Is, Why It Is Needed, and How to Use It
- by E. Eugene Schultz, Ph.D.
- Sponsored by: Tripwire
- View PDF
- Webcast - Analyst Webcast: Continuous Monitoring: What it is, Why it's needed, and How to Use it
- Network Security: Theory Versus Practice
- by James Tarala
- Sponsored by: BreakingPoint
- View PDF
- Webcast - Analyst Webcast: Measuring Network Performance, Security and Stability Under Hostile Conditions: SANS Network Security Survey Results
- SANS Seventh Annual Log Management Survey Report
- by Jerry Shenk
- Sponsored by: ArcSight, LogLogic, LogRhythm, Splunk, & Trustwave
- View PDF
- Webcast - Special Webcast: SANS 7th Annual Log Management Survey, Part I: More Logs, More Uses
- Webcast - Special Webcast: SANS 7th Annual Log Management Survey, Part II: Users Want Better Log Data and More of It!
- Extending Role Based Access Control
- by J. Michael Butler
- Sponsored by: FoxT
- View PDF
- Webcast - Analyst Webcast: Extensible Role-based Access Controls (XRBAC)
- Implementing the 20 Critical Controls with Security Information and Event Management (SIEM) Systems
- by James Tarala
- Sponsored by: ArcSight
- View PDF
- Webcast - Analyst Webcast: Addressing the 20 Critical Security Controls with SIEM
- Managing Insiders in Utility Control Environments
- by Matthew E. Luallen
- Sponsored by: ArcSight, Industrial Defender & Waterfall Security
- View PDF
- Webcast - Analyst Webcast: Managing Insiders (Contractors, Vendors, and Employees) in SCADA Environments
- A Real-Time Approach to Continuous Monitoring
- by James Tarala
- Sponsored by: Netwitness & Splunk
- View PDF
- Webcast - Analyst Webcast: A Real-Time Approach to Continuous Monitoring
- Compliance and Security Challenges with Remote Administration
- by Dave Shackleford
- Sponsored by: Netop
- View PDF
- Webcast - Analyst Webcast: Remote Administration and Security Compliance
- Building a Better Bunker: Securing Energy Control Systems Against Terrorists and Cyberwarriors
- by Jonathan Pollet
- Sponsored by: McAfee & Nitro Security
- View PDF
- Webcast - Analyst Webcast: Building a Better Bunker: Securing Energy Control Systems Against Terrorists and Cyberwarriors
- Enabling Social Networking Applications for Enterprise Usage
- by Eric Cole, PhD
- Sponsored by: Palo Alto Networks
- View PDF
- Webcast - Analyst Webcast: Taming the Social Network Beast
- Sentinel Log Manager Review
- by Jerry Shenk
- Sponsored by: Novell
- View PDF
- PCI 2.0: What's New? What Matters? What's Left?
- by Dave Hoelzer
- Sponsored by: SecureWorks
- View PDF
- Webcast - Special Webcast: PCI 2.0: What's new? What's important? What's missing?
- How to Choose a Qualified Security Assessor
- by Dave Shackleford
- Sponsored by: SecureWorks
- View PDF
- Webcast - Special Webcast: PCI 2.0: What's new? What's important? What's missing?
- Transparent Data Encryption: New Technologies and Best Practices for Database Encryption
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- Webcast - Transparent Data Encryption: New Technologies and Best Practices for Database Encryption
- Cloud Security and Compliance: A Primer
- by Dave Shackleford
- Sponsored by: Catbird & McAfee
- View PDF
- Webcast - Analyst Webcast: A Primer to Compliance and Security in the Cloud
- McAfee Total Protection for Server Review
- by Dave Shackleford
- Sponsored by: McAfee
- View PDF
- A Guide to Virtualization Hardening Guides
- by Dave Shackleford
- Sponsored by: VMWare
- View PDF
- Webcast - Industry Analysts Program - A Guide to Virtual Hardening Guides
- SANS Log Management Survey: Mid-Sized Businesses Respond
- by Jerry Shenk
- Sponsored by: RSA
- View PDF
- Keys to the Kingdom: Monitoring Privileged User Actions for Security and Compliance
- by Dave Shackleford
- Sponsored by: LogRhythm
- View PDF
- Oracle Database Security: What to Look for and Where to Secure
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- SANS Sixth Annual Log Management Survey Report
- by Jerry Shenk
- Sponsored by: ArcSight, LogLogic, NetForensics, Novell, RSA and Trustwave
- View PDF
- Webcast - SANS Sixth Annual Log Management Survey, Part I: More Log Data, More Uses
- Webcast - SANS Sixth Annual Log Management Survey, Part II: Deriving More Value from More Data
- Managing Operating System (OS) Lock Down
- by Dave Shackleford
- Sponsored by: Trusted Computer Solutions (TCS)
- View PDF
- Webcast - Automated Operating System Lockdown: Security Blanket 4.0 Review
- Calculating TCO on Intrusion Prevention Technology
- by Eugene E. Schultz, Ph.D.
- Sponsored by: Sourcefire
- View PDF
- Webcast - Calculating TCO with Adaptive IPS
- Smart Strategies for Securing Extranet Access
- by Dave Shackleford
- Sponsored by: Oracle
- View PDF
- Webcast - Smart Strategies for Securing Extranet Access
- New Tools on the Bot War Front
- by Jerry Shenk
- Sponsored by: FireEye
- View PDF
- Webcast - New Tools on the Bot War Front Webcast Sponsored by FireEye
- Making Database Security an IT Security Priority
- by Tanya Baccam
- Sponsored by: Oracle
- View PDF
- Webcast - Making Database Security an IT Security Priority Webcast Sponsored by Oracle
- Securing a Smarter Grid: Risk Management in Power Utility Networks
- by Matthew E. Luallen
- Sponsored by: NitroSecurity
- View PDF
- Webcast - Protecting a Smarter Grid: Power Utility Security
- Application Whitelisting: Enhancing Host Security
- by Dave Shackleford
- Sponsored by: McAfee
- View PDF
- Webcast - Application Whitelisting Webcast Sponsored by McAfee
- IT Audit for the Virtual Environment
- by J. Michael Butler and Rob Vandenbrink
- Sponsored by: VMWare
- View PDF
- Webcast - IT Audit for the Virtual Environment Webcast
- Top Virtualization Security Mistakes (and How to Avoid Them)
- by Jim D. Hietala
- Sponsored by: Catbird and McAfee
- View PDF
- Webcast - Catbird and McAfee Virtualization Webcast
- Data Protection Requirements
- by Barbara Filkins
- Sponsored by: McAfee
- View PDF
- Data Protection Requirements Checklist
- by Barbara Filkins
- Sponsored by: McAfee
- View PDF
- SANS Review: McAfee's Total Protection for Data
- by Dave Shackleford
- Sponsored by: McAfee
- View PDF
- SANS Annual 2009 Log Management Survey
- by Jerry Shenk
- Sponsored by: ArcSight, Intellitactics, and Loglogic
- View PDF
- Benchmarking Security Information Event Management (SIEM)
- by J. Michael Butler
- Sponsored by: NitroSecurity
- View PDF
- ArcSight Logger Review
- by Jerry Shenk
- Sponsored by: ArcSight
- View PDF
- Spanish Translation: EspañolView PDF
- Real-Time Adaptive Security
- by Dave Shackleford
- Sponsored by: Sourcefire
- View PDF
- Log Management in the Cloud: A Comparison of In-House versus Cloud-Based Management of Log Data
- by Jerry Shenk
- Sponsored by: Alert Logic
- View PDF
- Demanding More from Log Management Systems
- by Jerry Shenk
- Sponsored by: LogLogic
- View PDF
- Monitoring Security and Performance on Converged Traffic Networks
- by SANS Analyst, Dave Shackleford
- Sponsored by: NIKSUN
- View PDF
- Leveraging Event and Log Data for Security and Compliance
- by SANS Analyst, Dave Shackleford
- Sponsored by: Intellitactics
- View PDF
- Data Leakage Landscape: Where Data Leaks and How Next Generation Tools Apply
- by SANS Analyst, Barbara Filkins and Deb Radcliff
- Sponsored by: Utimaco and Trend Micro
- View PDF
- The SANS Database Audit and Compliance Survey
- by SANS Analyst, Barbara Filkins
- Sponsored by: Lumigent
- View PDF
- NetDetector/NetVCR 2005 Traffic Analyzer
- By Jerry Shenk
- Sponsored by: NIKSUN
- View PDF
- Regulations and Standards: Where Encryption Applies
- By Dave Shackleford
- Sponsored by: Utimaco Safeware
- View PDF
- Building Brick Houses: Applying Secure Lifecycle Practices to Web Applications
- By Gary W. Longsine and Jonathan Ham
- Sponsored by: Watchfire
- View PDF
- Hardware Versus Software: A Usability Comparison of Software-Based Encryption with Seagate Secure™ Hardware-Based Encryption
- By J.D. Hietala
- Sponsored by: Seagate
- Edited May, 2008
- View PDF
- Correlating SIM information to Detect Insider Threats
- By Dr. Eric Cole
- Sponsored by: SenSage
- View PDF
- Using Security Information Management Systems for PCI Compliance
- By Dave Shackleford
- Sponsored by: SenSage
- View PDF
- Encryption Procurement: Setting a Standard
- By Stephen Northcutt and Barbara Filkins
- Sponsored by: Utimaco
- View PDF
- The SANS 2007 Log Management Market Report
- By Jerry Shenk
- Sponsored by: LogLogic
- View PDF
- Building the Business Case for Log Management Intelligence (LMI) - November 2006
- By Steve Mancini and Jerry Shenk
- Sponsored by: LogLogic
- View PDF
- Penetration testing: Assessing Your Overall Security Before Attackers Do - June 2006
- By Stephen Northcutt, Jerry Shenk, Dave Shackleford, Tim Rosenberg, Raul Siles and Steve Mancini
- Sponsored by: CORE Impact
- View PDF
- The Log Management Industry: An Untapped Market - June 2006
- By Stephen Northcutt, Jerry Shenk & Dave Shackleford
- Sponsored by: LogLogic
- View PDF
- PowerBroker vs. Sudo - February 2006
- By Jerry Shenk & Steve Mancini
- Sponsored by: Symark
- View PDF
Check Them Out!
SANS provides an unbiased view of the technical issues we face today.
-Mark Towers, Nokia
