Register for Network Security-Vegas by Sept. 3 for $250 discount. >> More Info
the most trusted source for computer security training, certification and research


SANS InfoSec Reading Room - Best Practices

<<Reading Room Home
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Sandstorm Enterprises, Inc.

Featuring 40 papers as of Aug 30, 2008
Building a Security Practice within a Mixed Product-R&D and Managed-Service Business
Evan Scheessele
July 27, 2007
- download paper PDF
Sudo for Windows (sudowin)
Andrew Kutz
February 14, 2007
- download paper PDF
Beyond the Preoccupation with Certification & Accreditation
Kevin Esser
May 5, 2005
- download paper PDF
Midrange & Mainframe systems for Security Policies compliance control Tool
Pierre Cailloux
February 12, 2005
- download paper PDF
Network Security and the SMB
Matthew Hawley
January 28, 2005
- download paper PDF
Internal Security in a Engineering Development Environment
Art Homs
January 17, 2005
- download paper PDF
Patch Management and the Need for Metrics
Ken MacLeod
August 28, 2004
- download paper PDF
Host Assessment and Risk Rating
Radhika Vedaraman
August 28, 2004
- download paper PDF
Applied Principles of Defense-in-Depth: A Parents Perspective
Tom Miles
August 25, 2004
- download paper PDF
Using Proactive Depth in Defense to Ease Patch Management Problems
David Gadue
August 15, 2004
- download paper PDF
Computer Security And The Law: What You Can Do To Protect Yourself
Karen Poffenbergen
July 25, 2004
- download paper PDF
Beyond Patch Management
Dan Shauver
July 25, 2004
- download paper PDF
Printing the Paper and Serving the News after a Localized Disaster
John Soltys
June 9, 2004
- download paper PDF
The Art of Web Filtering
Robert Alvey
April 8, 2004
- download paper PDF
Keys to Implementing a Successful Security Information Management Solution (or Centralized Security Monitoring)
Michael Martin
January 11, 2004
- download paper PDF
Securing the Network in a K-12 Public School Environment
Russell Penner
December 21, 2003
- download paper PDF
Defense-In-Depth Applied to Laptop Security: Ensuring Your Data Remains Your Data
Chris Grant
December 13, 2003
- download paper PDF
8 Simple Rules For Securing Your Internal Network
Douglas Ford
November 6, 2003
- download paper PDF
Pre-Development Security Planning
Keith Marohn
October 31, 2003
- download paper PDF
System Administrator - Security Best Practices
Harish Setty
October 31, 2003
- download paper PDF
Vulnerability Identification and Remediation Through Best Security Practices
BJ Bellamy
October 31, 2003
- download paper PDF
Centralized Network Security Management: Combining Defense In Depth with Manageable Security
Scott Rasmussen
October 31, 2003
- download paper PDF
A Survival Guide for Security Professionals
Conrad Morgan
October 31, 2003
- download paper PDF
Who Wants To Be A Weakest Link?
Russell T. Hany
October 31, 2003
- download paper PDF
Securing Our Critical Infrastructures
Chris A. Brooks
October 31, 2003
- download paper PDF
Secure Computing - An Elementary Issue
Susan J. Briere
October 31, 2003
- download paper PDF
Securing Your RILOE Cards
Rick McCarter
October 31, 2003
- download paper PDF
Designing a Secure Local Area Network
Daniel Oxenhandler
October 31, 2003
- download paper PDF
OpenVMS 7.2 Security Essentials
Jeff Leving
October 31, 2003
- download paper PDF
Securing an Application: A Paper on Plastic
Joe Rhode
October 31, 2003
- download paper PDF
The Internal Threat to Security Or Users Can Really Mess Things Up
Charles Rhodes
October 31, 2003
- download paper PDF
A Guide to Government Security Mandates
Christian Enloe
October 31, 2003
- download paper PDF
Using a Capability Maturity Model to Derive Security Requirements
Mike Phillips
October 31, 2003
- download paper PDF
Endusers - A Critical Link in the Chain of Security
Dana Brigham
October 31, 2003
- download paper PDF
Security in Practice- Reducing the Effort
Leon Pholi
October 31, 2003
- download paper PDF
Open Source Risk Mitigation Process
Carlos Casanova
October 31, 2003
- download paper PDF
Implementing Least Privilege at your Enterprise
Jeff Langford
October 31, 2003
- download paper PDF
Federal Information Technology Management and Security
John Hopkins
October 31, 2003
- download paper PDF
A Practical Methodology for Implementing a Patch management Process
Daniel Voldal
October 31, 2003
- download paper PDF
Implementing an Effective IT Security Program
Kurt Garbars
August 28, 2002
- download paper PDF

Contact us: (301) 654-SANS(7267)
Monday - Friday 9am-8pm EST/EDT