Computer Forensics Blog
Every organization will eventually deal with cyber-crime. Fraud, intrusion, insider threats, phishing and other cyber-crimes are now a fact of life. If you are an IT or law enforcement professional and don't know how to look for and sort out these cases, your skills are becoming less valuable every day. SANS developed this site and the related resources to provide a 'home' for those that are focused on computer forensics. You can find advice, research, training, and other resources to unravel incidents and fight crime.
Security Awareness Blog
SANS Securing the Human is the world's leading provider of information security awareness services. We can quickly supply everything you need for a comprehensive Awareness Program; including online training, newsletters, posters, screensavers, banners, flyers and other materials.
Cloud Security Blog
We as security professionals are still trying to define what the term "cloud security" even means. Can I leverage my existing security tools and processes, or do I need to start from scratch? How do I secure a server that can move from the private LAN to multiple public providers? Can I just outsource all my security concerns to my IaaS provider? These are just a few of the question we as a community are trying to work through.
Security Trends Blog
The challenges security managers face never stand still. Threats change, new technologies appear, global conflicts arise, economic cycles drive business change - the trends in each of these areas have profound and complex impact on successful security strategies. The SANS Security Trends blog will highlight and analyze emerging security trends and discuss new data from SANS, vendors, government sources, the security community and current events. Join us in finding the meaningful events and predictions amidst all the hype and noise.
Industrial Control Systems Security Blog
SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is equipping security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology.
Internet Storm Center Diary/Blog
The Internet Storm Center gathers millions of intrusion detection log entries every day, from sensors covering over 500,000 IP addresses in over 50 countries. It is rapidly expanding in a quest to do a better job of finding new storms faster, identifying the sites that are used for attacks, and providing authoritative data on the types of attacks that are being mounted against computers in various industries and regions around the globe. The Internet Storm Center is a free service to the Internet community. The work is supported by the SANS Institute from tuition paid by students attending SANS security education programs. Volunteer incident handlers donate their valuable time to analyze detects and anomalies, and post a daily diary of their analysis and thoughts on the Storm Center web site.
Penetration Testing Blog
High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver real savings and security to the business.
Software Security Blog
SANS Software Security brings the most trusted name in computer security training to developers, programmers and application security professionals.
Cyber Defense Blog
Most of the computers targeted for attack run Microsoft Windows. Securing Windows against hackers and APT malware requires constant adaptation and cutting-edge tools. The Windows Security Blog covers a variety of topics related to every hacker's favorite operating system. The blog also aims to provide free PowerShell scripts to automate many security tasks.
SANS Technology Institute (STI) Blogs
SANS is a thought leader in information security making The SANS Technology Institute one of the nation's leading security graduate schools that grants Masters degrees in information security. Students are taught to be leaders with a demonstrated track record of leadership, knowledge and expertise in information technology and security. At SANS, the wisdom of industry and business, college academia and practical skills merge as students are taught by leaders with a demonstrated track record of leadership, knowledge and expertise in information technology and security.
The SANS Technology Institute maintains 4 unique blogs: