SANS Information Security Reading Room
http://www.sans.org/reading-room/
Last 25 Computer Security Papers added to the Reading Room

Getting Started with Web Application Security
https://www.sans.org/reading-room/whitepapers/analyst/started-web-application-security-36735
Wed, 10 Feb 2016 00:00:00 +0000

The Case for Endpoint Visibility
https://www.sans.org/reading-room/whitepapers/critical/case-endpoint-visibility-36730
On February 12, 2013 President Barack Obama issued executive order Improving Critical Infrastructure Cybersecurity, thus, recognizing the “Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity.”
Wed, 10 Feb 2016 00:00:00 +0000

Implementing the Critical Security Controls in the Cloud
https://www.sans.org/reading-room/whitepapers/critical/implementing-critical-security-controls-cloud-36725
Amazon refers to cloud computing as “the on-demand delivery of IT resources and applications via the Internet with pay-as-you-go pricing” (Amazon Web Services, 2015).
Wed, 10 Feb 2016 00:00:00 +0000

Using Analytics to Predict Future Attacks and Breaches
https://www.sans.org/reading-room/whitepapers/analyst/analytics-predict-future-attacks-breaches-36720
The pace and sophistication of data breaches is growing all the time. Anyone with valuable secrets can be a target, and likely already is. According to the Privacy Rights Clearinghouse, at the time of this writing, 884,903,517 records were breached in 4,621 incidents documented since 2005. This number is just an estimate based on publicly disclosed and well-documented incidents; the real number is likely much higher. According to data available from datalossdb.org, the size of the major breaches over the past several years has grown significantly.
Tue, 09 Feb 2016 00:00:00 +0000

Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Devices
https://www.sans.org/reading-room/whitepapers/analyst/mobile-threat-protection-holistic-approach-securing-mobile-data-devices-36715
The ubiquitous use of mobile devices results in a mixture of corporate and personal data stored on devices that are online continuously, seamlessly connecting to the closest available network, downloading and uploading data whenever possible, and carried with users continuously. This trend has radically changed the landscape of data protection.
Tue, 09 Feb 2016 00:00:00 +0000

Eliminating Blind Spots: A New Paradigm of Monitoring and Response
https://www.sans.org/reading-room/whitepapers/analyst/eliminating-blind-spots-paradigm-monitoring-response-36712
Thu, 04 Feb 2016 00:00:00 +0000

Security through Configuration Control at Scale – An Introduction to Ansible
https://www.sans.org/reading-room/whitepapers/OpenSource/security-configuration-control-scale-–-introduction-ansible-36702
As new technologies and concepts are developed there is usually a noticeable change in the use and employment of existing technologies. For example, there is a current growth trend of concepts such as cloud computing, the merging of development and operations (DevOps), microservice based architectures, agile development, and continuous integration.
Thu, 04 Feb 2016 00:00:00 +0000

IT Security Spending Trends
https://www.sans.org/reading-room/whitepapers/leadership/security-spending-trends-36697
This paper assumes security budgeting occurs as part of each organization's yearly cost management cycle. Readers will explore the what, why, where and how of IT security spending and will get advice on how to better meet the challenge of aligning security spending processes with organizational needs.
Tue, 02 Feb 2016 00:00:00 +0000

Active Defense Through Deceptive Configuration Techniques
https://www.sans.org/reading-room/whitepapers/ActiveDefense/active-defense-deceptive-configuration-techniques-36692
Honeypots are making a profound impact in the security world. Their ability to infer information about an attacker’s Tactics, Techniques, and Procedures (TTPs), allow defenders to configure their defenses to respond to emerging threats, capture 0-Day exploits, and identify malicious users within a network.
Fri, 29 Jan 2016 00:00:00 +0000

Security Systems Engineering Approach in Evaluating Commercial and Open Source Software Products
https://www.sans.org/reading-room/whitepapers/OpenSource/security-systems-engineering-approach-evaluating-commercial-open-source-software-products-36687
Almost all systems currently in development leverage some type of commercial and/or free open source software (FOSS), either in the development environment or integrated into the system.
Fri, 29 Jan 2016 00:00:00 +0000

Why You Need an Application Security Program
https://www.sans.org/reading-room/whitepapers/analyst/application-security-program-36682
Thu, 28 Jan 2016 00:00:00 +0000

Intrusion Detection and Prevention Systems Cheat Sheet: Choosing the Best Solution, Common Misconfigurations, Evasion Techniques, and Recommendations.
https://www.sans.org/reading-room/whitepapers/intrusion/intrusion-detection-prevention-systems-cheat-sheet-choosing-solution-common-misconfi-36677
There are many decisions a company must make while choosing an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) for their infrastructure. Pricing questions will arise to determine if it will fit into their budget.
Mon, 25 Jan 2016 00:00:00 +0000

The Impact of Dragonfly Malware on Industrial Control Systems
https://www.sans.org/reading-room/whitepapers/ICS/impact-dragonfly-malware-industrial-control-systems-36672
During the past several years and ending in 2014, Dragonfly malware infected hundreds of business computers in an often successful attempt to collect information on industrial control systems across the United States and Europe.
Fri, 22 Jan 2016 00:00:00 +0000

Detecting Malware and Sandbox Evasion Techniques
https://www.sans.org/reading-room/whitepapers/forensics/detecting-malware-sandbox-evasion-techniques-36667
The Internet has revolutionized the operations of businesses, the manner in which transactions are conducted, education programs are administered, and how research works are handled; these are a few of the benefits it has afforded society.
Wed, 20 Jan 2016 00:00:00 +0000

Using Virtualization in Internal Forensic Training and Assessment
https://www.sans.org/reading-room/whitepapers/forensics/virtualization-internal-forensic-training-assessment-36662
Continual training is a critical part of forensics work. Formal training and education in forensics are irreplaceable, but training has the most value when supplemented with hands-on laboratory work to reinforce concepts and apply practical skills (Ananthapadmanabhan, Frankl, Memon, & Naumovich, 2003).
Wed, 20 Jan 2016 00:00:00 +0000

Implementing Least Privilege in an SMB
https://www.sans.org/reading-room/whitepapers/authentication/implementing-privilege-smb-36657
To better understand the problem at hand, it is perhaps best to look at how SMB’s got to where they are today, in terms of privileged account access at the desktop.
Wed, 20 Jan 2016 00:00:00 +0000

Budgeting for the Critical Security Controls
https://www.sans.org/reading-room/whitepapers/critical/budgeting-critical-security-controls-36652
In 2008, the National Security Agency (NSA) initiated an effort to prioritize the controls within the multiple frameworks to identify a manageable set of controls that are effective in implementing a Cybersecurity program with an "offense must inform defense" approach designed to directly address how attacks happen.
Wed, 20 Jan 2016 00:00:00 +0000

Network Forensics and HTTP/2
https://www.sans.org/reading-room/whitepapers/forensics/network-forensics-http-2-36647
The first publicly released version of Hypertext Transfer Protocol (HTTP), HTTP 1.0, was released in 1996. HTTP is an application-level protocol for distributed, collaborative, hypermedia information systems (Berners-Lee, Fielding, & Frystyk, 1996). It is the basis of communication for the World Wide Web.
Mon, 18 Jan 2016 00:00:00 +0000

How to Leverage PowerShell to Create a User-Friendly Version of WinDump
https://www.sans.org/reading-room/whitepapers/incident/leverage-powershell-create-user-friendly-version-windump-36642
Security professionals rely on a myriad of tools to accomplish their job. This is no different than the toolboxes that plumbers, electricians, and other trade professionals carry with them every day.
Mon, 18 Jan 2016 00:00:00 +0000

Testing stateful web application workflows
https://www.sans.org/reading-room/whitepapers/testing/testing-stateful-web-application-workflows-36637
When technology made it possible for web servers to return dynamic content, web applications started out simple. As the development of more and more applications shifted from desktop operating systems to the web, complexity grew.
Thu, 14 Jan 2016 00:00:00 +0000

The Edge (of the Network) is Everywhere Redefining the traditional sense of the perimeter
https://www.sans.org/reading-room/whitepapers/firewalls/edge-of-network-redefining-traditional-sense-perimeter-36632
Securing a network from untrusted access is not a new concept. It is an essential component to network design. Similar to the ancient city of Troy, networks are built with solid walls surrounding them in an attempt to prevent unauthorized access.
Thu, 14 Jan 2016 00:00:00 +0000

The Nightmare on Cryptville Street: 20 Pills for a Night of Sleep
https://www.sans.org/reading-room/whitepapers/critical/nightmare-cryptville-street-20-pills-night-sleep-36627
According to Center for Strategic and International Studies, by the year 2014, cybercrime has grown into its own $400+ billion industry and has plenty of room for growing potential (2014).
Tue, 12 Jan 2016 00:00:00 +0000

An Organic Approach to Implementing the Critical Security Controls
https://www.sans.org/reading-room/whitepapers/critical/organic-approach-implementing-critical-security-controls-36622
The Critical Security Controls (CSCs) describe a set of specific actions designed to improve an organization’s ability to resist or recover from information security incidents ("CIS critical security controls," 2015).
Tue, 12 Jan 2016 00:00:00 +0000

Zork as a Computer Investigative Mind Set
https://www.sans.org/reading-room/whitepapers/forensics/zork-computer-investigative-mind-set-36612
While not the first text adventure (alternatively known as “interactive fiction genre”) game, Zork is possibly the most well-known one. It was created in the late 1970’s on a PDP-10 mainframe computer by Massachusetts Institute of Technology (MIT) students Tim Anderson, Marc Blanc, Bruce Daniels and Dave Lebling.
Thu, 07 Jan 2016 00:00:00 +0000

Developments in Car Hacking
https://www.sans.org/reading-room/whitepapers/ICS/developments-car-hacking-36607
In the developed world, there is arguably no appliance more prevalent in people’s lives than the automobile.
Thu, 07 Jan 2016 00:00:00 +0000