- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
SANS InfoSec Reading Room - Security Basics
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.
Featuring 76 papers as of Aug 29, 2008
- Preparing to face new vulnerabilities
- Jacelyn Faucher
- June 25, 2008
- - download paper
- Firefox VS Windows Internet Explorer
- Robert Comella
- January 29, 2008
- - download paper
- Computer Security Education – The Tool for Today
- Ian Burke
- October 25, 2007
- - download paper
- GCFW Practical Assignment Critique
- Bart Hubbs
- March 9, 2005
- - download paper
- Network Security- A Guide for Small and Mid-sized Businesses
- Jim Hietala
- January 26, 2005
- - download paper
- Transmission Media Security
- Charles Esparza
- January 18, 2005
- - download paper
- Introduction to Host Based Cyber Defense
- Roy Nielsen
- January 17, 2005
- - download paper
- The State of Patching Windows
- Rafael Cappas
- July 25, 2004
- - download paper
- Information Security For Churches and Small Non-Profit Organizations
- Jay Petel
- April 8, 2004
- - download paper
- The Use and Administration of Shared Accounts
- David Johnson
- December 13, 2003
- - download paper
- Implementing/Re-Implementing Change Control Policies
- Derek P. Milroy
- October 31, 2003
- - download paper
- Hardening Bastion Hosts
- Todd Jenkins
- October 31, 2003
- - download paper
- Vulnerability Assessment
- Susan Cima
- October 31, 2003
- - download paper
- Plugging the holes! Your data is leaking OUT!
- Robert G Downey
- October 31, 2003
- - download paper
- Security for Small and New IT Departments: Get Your Big Rocks In First
- Greg Rolling
- October 31, 2003
- - download paper
- I Think Our Internet Connection is Down
- Raymond Hillen
- October 31, 2003
- - download paper
- AS/400 & iSeries: A Comprehensive Guide to Setting System Values to Common Best Practice Securit
- Matthew R. Smith
- October 31, 2003
- - download paper
- Espionage and the Insider
- Steve Kipp
- October 31, 2003
- - download paper
- Toward Global Security
- Paul Tremer
- October 31, 2003
- - download paper
- A User's Guide to Security Threats on the Desktop
- Richard D. Hagen
- October 31, 2003
- - download paper
- IT Infrastructure Security-Step by Step
- Karnail Singh
- October 31, 2003
- - download paper
- Facilitating the Qualitative Security Assessment: Overview of the Process of Defining and Delivering
- Mike Kleckner
- October 31, 2003
- - download paper
- Extranets: The Weakest Link & Security
- Slawomir Marcinkowski
- October 31, 2003
- - download paper
- Users Wary of Microsoft's .NET
- Jeffrey Hudack
- October 31, 2003
- - download paper
- Digital Rights Management Overview
- Austin Russ
- October 31, 2003
- - download paper
- Oh Answer, Where Are Thou? or Gee, There's a Lot to Know
- Jim Sherrill
- October 31, 2003
- - download paper
- A "Bag of Tricks" Approach to Proactive Security
- Mitch Saba
- October 31, 2003
- - download paper
- Spyware & Network Security
- Lester D. Cheveallier
- October 31, 2003
- - download paper
- Ten Days to Network Security
- Paul A. Zocco
- October 31, 2003
- - download paper
- Jekyll & Hyde in the Boardroom
- David A. Nixon
- October 31, 2003
- - download paper
- The Weakest Link...This Is Not a Game!
- Jack Daniels
- October 31, 2003
- - download paper
- Why Small Businesses Need to Secure Their Computers (and How to Do it!)
- Bruce Diamond
- October 31, 2003
- - download paper
- The Computer Security Threat to Small and Medium Sized Businesses -A Manager';s Primer
- Michael A. Regan
- October 31, 2003
- - download paper
- Information Security Primer
- CraigE. Lindner
- October 31, 2003
- - download paper
- Information Security 101: Security for Newbies
- Frederick Kim
- October 31, 2003
- - download paper
- Manage your Security Initiative as a Project
- Rex Robitschek
- October 31, 2003
- - download paper
- Organizational IT Security Theory and Practice: And Never the Twain Shall Meet?
- John Jenkins
- October 31, 2003
- - download paper
- Implementing a Successful Security Assessment Process
- Bradley Hart
- October 31, 2003
- - download paper
- Securing Network Infrastructure and Switched Networks
- Richard Wagner
- October 31, 2003
- - download paper
- Implementing an Information Security Program
- Kevin L. Nichols
- October 31, 2003
- - download paper
- OK, So I Need Security. Where Do I Start?
- Lyde Andrews
- October 31, 2003
- - download paper
- A Paper on the Promotion of Application Security Awareness
- Man-Sau Yi
- October 31, 2003
- - download paper
- Network Security Is Like Eating Crab's Legs - Is the Taste Worth the Effort?
- Charles F. Romanus
- October 31, 2003
- - download paper
- Security from Scratch ... How to Achieve It
- Alan Davies
- October 31, 2003
- - download paper
- Managing Secure Data Delivery: A Data Roundhouse Model
- Jim Farmer
- October 31, 2003
- - download paper
- Securing a Wide-Open Computer Network
- Mark Andrich
- October 31, 2003
- - download paper
- Basic Self-assessment: Go Hack Yourself
- Barry Dowell
- October 31, 2003
- - download paper
- An Instant War, Just Add Chat: The Growth of Instant Messaging Technology
- Jack Schiller
- October 31, 2003
- - download paper
- We're Lost, But We're Making Good Time!
- Benjamin P. Grubin
- October 31, 2003
- - download paper
- Cyberspace Guardians: A Brief Guide to the Recruitment and Training of Security Personnel
- Amina Khattak Claassen
- October 31, 2003
- - download paper
- Keep Current With Little Time
- Robert Taylor
- October 31, 2003
- - download paper
- Managing Desktop Security
- Amran Bin Munir
- October 31, 2003
- - download paper
- Kiosks: The Interactive Media Solution, or is it?
- Lisa T. Evans
- October 31, 2003
- - download paper
- Enhanced Security During Organizational Transitions
- Denis R. Lynch
- October 31, 2003
- - download paper
- Keeping the Private Intranet Private
- Michael A. Wilson
- October 31, 2003
- - download paper
- Making the HelpDesk a Security Asset
- Douglas Ridgeway
- October 31, 2003
- - download paper
- Defense In Depth
- Todd McGuiness
- October 31, 2003
- - download paper
- Security Architecture Model Component Overview
- Scott M. Angelo
- October 31, 2003
- - download paper
- Security Considerations for Extranets
- Karen A. Korow-Diks
- October 31, 2003
- - download paper
- Information Technology Department Network Security Briefing
- Thad Nobuhara
- October 31, 2003
- - download paper
- The Password Web Page
- Curt Kuper
- October 31, 2003
- - download paper
- The Cyber Security Management System: A Conceptual Mapping
- John H. Dexter
- October 31, 2003
- - download paper
- Security Lifecycle - Managing the Threat
- Mark King
- October 31, 2003
- - download paper
- Obtaining Better Results from Distributed Environment Security Programs
- Rhonda Cram Manter
- October 31, 2003
- - download paper
- Protection of Information Assets
- Odd Nilsen
- October 31, 2003
- - download paper
- The Need for a REAL Defensive Information Operations Capability
- Mark J. Ruchie
- October 31, 2003
- - download paper
- Implementing Defense in Depth at the University Level
- G.Michael Runnels
- October 31, 2003
- - download paper
- A Certification and Accreditation Plan for Information Systems Security Programs (Evaluating the Eff
- Brenda Dinges
- October 31, 2003
- - download paper
- Argentina: Preparing for a Security Violation
- Raymond Hoffman
- October 31, 2003
- - download paper
- Software Piracy- A challenge to E-world
- Sundeep Bhasin
- October 31, 2003
- - download paper
- Introducing Security to the Small Business Enterprise
- Jeff Herbert
- October 31, 2003
- - download paper
- Security - What is Enough?
- Victoria England
- October 31, 2003
- - download paper
- Change Control Process for Firewalls
- Paul Maschak
- October 31, 2003
- - download paper
- How To Secure Your Small To Medium Size Microsoft Based Network: A Generic Case Study
- Jerry Goodman
- October 31, 2003
- - download paper
- Outline for a Successful Security Program
- Jeff Norem
- October 31, 2003
- - download paper
- The Bugs are Biting
- Rishona Phillips
- August 8, 2003
- - download paper
Check Them Out!
This is hands-down, the premiere training opportunity.
- Dan Mather, JICPAC
