Computer Forensics Blog
Every organization will eventually deal with cyber-crime. Fraud, intrusion, insider threats, phishing and other cyber-crimes are now a fact of life. If you are an IT or law enforcement professional and don't know how to look for and sort out these cases, your skills are becoming less valuable every day. SANS developed this site and the related resources to provide a 'home' for those that are focused on computer forensics. You can find advice, research, training, and other resources to unravel incidents and fight crime.
Security Awareness Blog
SANS Securing the Human is the world's leading provider of information security awareness services. We can quickly supply everything you need for a comprehensive Awareness Program; including online training, newsletters, posters, screensavers, banners, flyers and other materials.
Cloud Security Blog
We as security professionals are still trying to define what the term "cloud security" even means. Can I leverage my existing security tools and processes, or do I need to start from scratch? How do I secure a server that can move from the private LAN to multiple public providers? Can I just outsource all my security concerns to my IaaS provider? These are just a few of the question we as a community are trying to work through.
Security Trends Blog
The challenges security managers face never stand still. Threats change, new technologies appear, global conflicts arise, economic cycles drive business change - the trends in each of these areas have profound and complex impact on successful security strategies. The SANS Security Trends blog will highlight and analyze emerging security trends and discuss new data from SANS, vendors, government sources, the security community and current events. Join us in finding the meaningful events and predictions amidst all the hype and noise.
Internet Storm Center Diary/Blog
The Internet Storm Center gathers millions of intrusion detection log entries every day, from sensors covering over 500,000 IP addresses in over 50 countries. It is rapidly expanding in a quest to do a better job of finding new storms faster, identifying the sites that are used for attacks, and providing authoritative data on the types of attacks that are being mounted against computers in various industries and regions around the globe. The Internet Storm Center is a free service to the Internet community. The work is supported by the SANS Institute from tuition paid by students attending SANS security education programs. Volunteer incident handlers donate their valuable time to analyze detects and anomalies, and post a daily diary of their analysis and thoughts on the Storm Center web site.
Penetration Testing Blog
High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver real savings and security to the business.
Software Security Blog
SANS Software Security brings the most trusted name in computer security training to developers, programmers and application security professionals.
Cyber Defense Blog
Most of the computers targeted for attack run Microsoft Windows. Securing Windows against hackers and APT malware requires constant adaptation and cutting-edge tools. The Windows Security Blog covers a variety of topics related to every hacker's favorite operating system. The blog also aims to provide free PowerShell scripts to automate many security tasks.
IT Audit Blog
SANS Audit program is dedicated to partnering with the IT Audit community to improve the overall practice of technical and IT process auditors through rigorous training programs, allowing auditors to discern truth from fiction, in addition to contributing valuable resources to the community at large, creating a valuable and prominent resource for the entire IT Audit community.
SANS Technology Institute (STI) Blogs
SANS is a thought leader in information security making The SANS Technology Institute one of the nation's leading security graduate schools that grants Masters degrees in information security. Students are taught to be leaders with a demonstrated track record of leadership, knowledge and expertise in information technology and security. At SANS, the wisdom of industry and business, college academia and practical skills merge as students are taught by leaders with a demonstrated track record of leadership, knowledge and expertise in information technology and security.
The SANS Technology Institute maintains 4 unique blogs: