The most trusted source for computer security training, certification and research.



Last 25 papers added to the Reading Room

Last Updated Jan 28, 2010
The Evolving Role of Security Structures
Dale Emel
Category: Management & Leadership
Posted: January 28, 2010

Capturing and Analyzing Packets with Perl
John Brozycki
Category: Intrusion Detection
Posted: January 28, 2010

Winquisitor: Windows Information Gathering Tool
Michael Cardosa
Category: Incident Handling
Posted: January 19, 2010

Smart IDS - Hybrid LaBrea Tarpit
Cristian Ruvalcaba
Category: Case Studies
Posted: December 28, 2009

A Taste of Scapy
Judy Novak
Category: Penetration Testing
Posted: December 24, 2009

Securing the Network Perimeter of a Community Bank
Steven Launius
Category: Firewalls & Perimeter Protection
Posted: December 17, 2009

Preventing Incidents with a Hardened Web Browser
Chris Crowley
Category: Best Practices
Posted: December 15, 2009

Information Security: Starting Out
Stewart James
Category: Getting Started/InfoSec
Posted: December 7, 2009

Defense in Depth: How Application Whitelisting Can Increase Your Desktop Security
Faronics
Category: System Administration
Posted: November 23, 2009

Gathering Security Metrics and Reaping the Rewards
Dan Rathbun
Category: Management & Leadership
Posted: November 16, 2009

Implementing Data-at-Rest Encryption within the Oracle RDBMS
RDC, Inc.
Category: Web Servers
Posted: November 12, 2009

Hey Dude! I Can Do a Great Humphrey Bogart!
Lee Peterson
Category: Network Devices
Posted: November 11, 2009

A Multi-Perspective View of PHP Remote File Include Attacks
Dennis Schwarz
Category: Intrusion Detection
Posted: November 10, 2009

Check Point Firewall Log Analysis In-Depth
Mark Stingley
Category: Logging Technology and Techniques
Posted: November 10, 2009

Efficiently Deducing IDS False Positives Using System Profiling
Michael Karwaski
Category: Intrusion Detection
Posted: November 9, 2009

Why Crack When You Can Pass the Hash?
Christopher Hummel
Category: Penetration Testing
Posted: November 3, 2009

A Fuzzing Approach to Credentials Discovery using Burp Intruder
Karl Dawson
Category: Penetration Testing
Posted: October 29, 2009

Women in IT Security Project Management
Gurdeep Kaur
Category: Management & Leadership
Posted: October 27, 2009

Two-Factor Authentication: Can You Choose the Right One?
Emilio Valente
Category: Authentication
Posted: October 15, 2009

Security Concerns in Using Open Source Software for Enterprise Requirements
Sreenivasa Vadalasetty
Category: Security Awareness
Posted: October 8, 2009

Harness the Power of SIEM
Dereck Haye
Category: Intrusion Detection
Posted: October 6, 2009

Cisco Security Agent and Incident Handling
Greg Farnham
Category: Incident Handling
Posted: October 1, 2009

Six Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder data
nuBridges, inc
Category: Best Practices
Posted: September 29, 2009

Simple Windows Batch Scripting for Intrusion Discovery
Tim Proffitt
Category: Auditing & Assessment
Posted: September 29, 2009

Best Practices in Data Protection: Encryption, Key Management and Tokenization
nuBridges, Inc.
Category: Unix Issues
Posted: September 29, 2009


Contact us: (301) 654-SANS(7267)
Monday - Friday 9am-8pm EST/EDT