

Top 25 Papers

Last Updated July 03, 2009

An Inexpensive Wireless IDS using Kismet and OpenWRT
By: Jason Murray
Category: Intrusion Detection, Wireless Access
Posted: May 4, 2009

Detecting and Preventing Anonymous Proxy Usage
By: John Brozycki
Category: Intrusion Detection
Posted: November 6, 2008

OpenVPN and the SSL VPN Revolution
By: Charlie Hosner
Category: Encryption & VPNs
Posted: August 25, 2004

Information Security Policy - A Development Guide for Large and Small Companies
By: Sorcha Diver
Category: Security Policy Issues
Posted: March 2, 2004

Scanning Windows Deeper With the Nmap Scanning Engine
By: Ron Bowes
Category: Penetration Testing
Posted: June 22, 2009

Beer - The Key Ingredient to Team Development
By: Brad Ruppert
Category: Management & Leadership
Posted: May 20, 2009

Windows Vista: First Steps
By: Johannes Ullrich
Category: Windows Issues
Posted: December 23, 2003

A Guide to Security Metrics
By: Shirley Payne
Category: Auditing & Assessment
Posted: June 26, 2006

IOScat - a Port of Netcat's TCP functions to Cisco IOS
By: Robert Vandenbrink
Category: Tools
Posted: May 29, 2009

Building an Automated Behavioral Malware Analysis Environment using Open Source Software
By: Jim Clausing
Category: Tools
Posted: June 18, 2009

Incident Handlers Guide to SQL Injection Worms
By: Justin Folkerts
Category: Incident Handling
Posted: June 18, 2009

A Virtually Secure Browser
By: Seth Misenar
Category: Home & Small Office
Posted: June 16, 2009

Developing a Security-Awareness Culture - Improving Security Decision Making
By: Chris Garrett
Category: Security Awareness
Posted: January 18, 2005

PCI DSS and Incident Handling: What is required before, during and after an incident
By: Christian J. Moldes
Category: Incident Handling
Posted: June 16, 2009

An Introduction to Information System Risk Management
By: Steve Elky
Category: Auditing & Assessment
Posted: June 6, 2006

Virtual Rapid Response Systems
By: Chris Mohan
Category: Incident Handling
Posted: June 10, 2009

Effective Time and Communication Management
By: Brad Ruppert
Category: Management & Leadership
Posted: June 9, 2009

Inside a Phish
By: John Brozycki
Category: Case Studies, Malicious Code
Posted: June 25, 2009

AppSec - Cross Site Request Forgery: What Attackers Don't Want You to Know
By: Jason Lam & Johannes B. Ullrich
Category: Application/Database Sec
Posted: May 22, 2009

A Reverse Proxy Is A Proxy By Any Other Name
By: Art Stricek
Category: Web Servers
Posted: January 10, 2002

WiFi with BackTrack
By: Antonio Merola
Category: Auditing & Assessment
Posted: December 24, 2007

Data Center Physical Security Checklist
By: Sean Heare
Category: Security Awareness
Posted: December 1, 2001

Easy Steps to Cisco Extended Access List
By: Nancy Navato
Category: Network Devices
Posted: July 5, 2001

AppSec - Protecting Your Web Apps: Two Big Mistakes and 12 Practical Tips to Avoid Them
By: Ed Skoudis and Frank Kim
Category: Application/Database Sec
Posted: March 2, 2009

Visual Baselines - Maximizing Economies of Scale Using Round Robin Databases
By: Kirsten Hook
Category: GIAC Honors Papers, Logging Technology and Techniques
Posted: January 11, 2007

