SANS InfoSec Reading Room - Commercial Software

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Featuring 13 papers as of May 25, 2013

EnterpriseOne Security Solution for Real Estate Management

By: Ruben Amely-Velez (posted on January 26, 2005)

This paper will discuss the business request from Real Estate Management to Information Security to create a security model for production implementation.

Areas To Consider When Implementing PeopleSoft

By: Dirk Norman (posted on March 2, 2004)

This paper will address some of the basic principles of securing a PeopleSoft application and discuss some of the security features that can help secure the data.

Security Applications for Cisco NetFlow Data

By: Jana Dunn (posted on October 31, 2003)

During or after a security incident, the data collected with network monitoring tools can assist network managers in determining what has happened, what remediation needs to be done, and how to prevent future occurrences.

ElcomSoft vs. Adobe: How AEBPR cracked Adobe's Acrobat E-Book Reader

By: Austen Woods (posted on October 31, 2003)

This paper will look at this security model, and examine how a program such as AEPBR has been able to circumvent it.

How To Implement Security in the MAX TNT RAS Server

By: Gilson Silva (posted on October 31, 2003)

This document intends to show the necessary configurations and cares to provide a more secure DIAL or ISDN (Integrated Service Digital Network) access network, based on equipments Lucent MAX TNT.

Norton AntiVirus C.E 7.6

By: Andre Botelho (posted on October 31, 2003)

This document covers most of the new fetchers of NavCE, and includes some URL's for further research of this product.

Anti-virus Software: The Challenge of Being Prepared for Tomorrow's MalWare Today

By: Lisa Galarneau (posted on October 31, 2003)

One of the common themes in this advice is to select and deploy at least one and possibly more Anti-virus Software packages.

Distributed Security Management for the Enterprise

By: William DiProfio (posted on October 31, 2003)

The focus of this paper is on managed security, specifically one product that has been on the market for almost a year, Spectrum Security Manager.

Choosing Your Anti-virus Software

By: Jacqueline Castelli (posted on October 31, 2003)

The first step to choosing anti-virus software is to understand how they work.

Understanding Lotus Notes Security & Execution Control List (ECL) Settings

By: Kurt E. Sanders (posted on October 31, 2003)

This article will prepare you, your system administrators and your clients for the next generation of hackers who will design "Email Neutral" viruses that can run freely on both Lotus Notes and Microsoft Outlook workstations.

Using MOM 2000 to Secure Servers

By: Wyatt Banks (posted on October 31, 2003)

The primary focus of this paper is to show how MOM 2000 out of the box can address many security issues and act as your eyes and ears on every managed machine.

Oracle Collaboration Suite Security

By: Chris Bennett (posted on October 31, 2003)

This paper discusses the Oracle Collaboration Suite, a collaborative communication platform that includes Email, IMAP, POP3, Webmail, Portal, Calendar, Oracle Files, Wireless, Voicemail and Fax services within a single framework.

Polycom Videoconferencing Endpoint Security and Configuration

By: Scott Christianson (posted on June 3, 2002)

This paper focuses on the security of videoconferencing endpoints made by Polycom Corporation