Information Technology Security also known as, IT Security is the process of implementing measures and systems designed to securely protect and safeguard information (business and personal data, voice conversations, still images, motion pictures, multimedia presentations, including those not yet conceived) utilizing various forms of technology developed to create, store, use and exchange such information against any unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby preserving the value, confidentiality, integrity, availability, intended use and its ability to perform their permitted critical functions.
- Paid SANS IT Security Resources
- Free SANS IT Security Resources
Paid SANS IT Security Resources
Maximize your training time and turbo-charge your career in security by learning the full SANS Security Essentials curriculum needed to qualify for the GSEC certification. In this course you will learn the language and underlying theory of computer security. At the same time you will learn the essential, up-to-the-minute knowledge and skills required for effective performance if you are given the responsibility for securing systems and/or organizations. This course meets both of the key promises SANS makes to our students: (1) You will gain up-to-the-minute knowledge you can put into practice immediately upon returning to work; and, (2) You will be taught by the best security instructors in the industry. As always, great teaching sets SANS courses apart, and SANS ensures this by choosing instructors who have ranked highest in a nine-year competition among potential security faculty. View Full Course Description
By helping you understand attackers' tactics and strategies in detail, giving you hands-on experience in finding vulnerabilities and discovering intrusions, and equipping you with a comprehensive incident handling plan, the in-depth information in this course helps you turn the tables on computer attackers. View Full Course Description
Unpatched, unprotected computers connected to the Internet are being compromised in 3 days or less. The Blaster Worm proves systems behind a firewall can become the victim of a successful attack. Security professionals must master a variety of operating systems, investigation techniques, incident response tactics, and even legal issues. Learn forensic techniques and tools in a lab-style, hands-on setting for both Windows and Linux investigations. This course emphasizes a "try-it-by-hand" approach so that any student attending will take with them a solid grasp of how open source and commercial forensic tools complete their tasks, without having to merely have faith in the tool. This is accomplished by teaching the fundamental concepts of computer forensics in a tool-independent manner. View Full Course Description
Free SANS IT Security Resources
Recommended IT Security Papers from the SANS Reading Room
Becoming a Forensic Investigator by Mark Maher - August 15, 2004 in Forensics
One of the forensic analyst's primary functions is the dissemination of the forensic process to the intended audience. To do their jobs successfully, they must write forensic reports that are both technically accurate and easy to read.
The Role of the Security Analyst in the Systems Development Life Cycle by Brad Gray - May 5, 2005 in Security Awareness
This paper will proceed in a very logical manner to describe how a sequential development life cycle increases in depth as security is applied. Each major portion of the paper will address a phase of the system development lifecycle.
Identity Theft: Imitation Is Not The Sincerest Form Of Flattery by Reg Washington - May 17, 2005 in Digital Privacy
The purpose of this paper is to completely define the threat of identity theft. The paper will outline the following: how identity theft occurs, tips to avoid becoming a victim, and ways to recognize if you've been victimized.
Forensic Analysis of a Compromised Intranet Server by Roberto Obialero - June 8, 2006 in Forensics
This document details the forensic analysis process of a compromised Intranet server, from the verification stage to the dissection of malware code, supported by an explanation of the followed methodology.