SANS Information Security Reading Room
25 Computer Security Papers added to the Reading Room

Getting Started with Web Application Security
10 Feb 2016 00:00:00 +0000

The Case for Endpoint Visibility
February 12, 2013 President Barack Obama issued executive order Improving Critical Infrastructure Cybersecurity, thus, recognizing the “Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity.”
Wed, 10 Feb 2016 00:00:00 +0000

Implementing the Critical Security Controls in the Cloud
refers to cloud computing as “the on-demand delivery of IT resources and applications via the Internet with pay-as-you-go pricing” (Amazon Web Services, 2015).
Wed, 10 Feb 2016 00:00:00 +0000

Using Analytics to Predict Future Attacks and Breaches
pace and sophistication of data breaches is growing all the time. Anyone with valuable secrets can be a target, and likely already is. According to the Privacy Rights Clearinghouse, at the time of this writing, 884,903,517 records were breached in 4,621 incidents documented since 2005. This number is just an estimate based on publicly disclosed and well-documented incidents; the real number is likely much higher. According to data available from, the size of the major breaches over the past several years has grown significantly.
Tue, 09 Feb 2016 00:00:00 +0000

Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Devices
ubiquitous use of mobile devices results in a mixture of corporate and personal data stored on devices that are online continuously, seamlessly connecting to the closest available network, downloading and uploading data whenever possible, and carried with users continuously. This trend has radically changed the landscape of data protection.
Tue, 09 Feb 2016 00:00:00 +0000

Eliminating Blind Spots: A New Paradigm of Monitoring and Response
04 Feb 2016 00:00:00 +0000

Security through Configuration Control at Scale – An Introduction to Ansible
As new technologies and concepts are developed there is usually a noticeable change in the use and employment of existing technologies. For example, there is a current growth trend of concepts such as cloud computing, the merging of development and operations (DevOps), microservice based architectures, agile development, and continuous integration.
Thu, 04 Feb 2016 00:00:00 +0000

IT Security Spending Trends
paper assumes security budgeting occurs as part of each organization's yearly cost management cycle. Readers will explore the what, why, where and how of IT security spending and will get advice on how to better meet the challenge of aligning security spending processes with organizational needs.
Tue, 02 Feb 2016 00:00:00 +0000

Active Defense Through Deceptive Configuration Techniques
are making a profound impact in the security world. Their ability to infer information about an attacker’s Tactics, Techniques, and Procedures (TTPs) allows defenders to configure their defenses to respond to emerging threats, capture 0-Day exploits, and identify malicious users within a network.
Fri, 29 Jan 2016 00:00:00 +0000

Security Systems Engineering Approach in Evaluating Commercial and Open Source Software Products
all systems currently in development leverage some type of commercial and/or free open source software (FOSS), either in the development environment or integrated into the system.
Fri, 29 Jan 2016 00:00:00 +0000

Why You Need an Application Security Program
28 Jan 2016 00:00:00 +0000

Intrusion Detection and Prevention Systems Cheat Sheet: Choosing the Best Solution, Common Misconfigurations, Evasion Techniques, and Recommendations.
are many decisions a company must make while choosing an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) for their infrastructure. Pricing questions will arise to determine if it will fit into their budget.
Mon, 25 Jan 2016 00:00:00 +0000

The Impact of Dragonfly Malware on Industrial Control Systems
the past several years and ending in 2014, Dragonfly malware infected hundreds of business computers in an often successful attempt to collect information on industrial control systems across the United States and Europe.
Fri, 22 Jan 2016 00:00:00 +0000

Detecting Malware and Sandbox Evasion Techniques
Internet has revolutionized the operations of businesses, the manner in which transactions are conducted, education programs are administered, and how research works are handled; these are a few of the benefits it has afforded society.
Wed, 20 Jan 2016 00:00:00 +0000

Using Virtualization in Internal Forensic Training and Assessment
training is a critical part of forensics work. Formal training and education in forensics are irreplaceable, but training has the most value when supplemented with hands-on laboratory work to reinforce concepts and apply practical skills (Ananthapadmanabhan, Frankl, Memon, & Naumovich, 2003).
Wed, 20 Jan 2016 00:00:00 +0000

Implementing Least Privilege in an SMB
better understand the problem at hand, it is perhaps best to look at how SMBs got to where they are today, in terms of privileged account access at the desktop.
Wed, 20 Jan 2016 00:00:00 +0000

Budgeting for the Critical Security Controls
2008, the National Security Agency (NSA) initiated an effort to prioritize the controls within the multiple frameworks to identify a manageable set of controls that are effective in implementing a Cybersecurity program with an "offense must inform defense" approach designed to directly address how attacks happen.
Wed, 20 Jan 2016 00:00:00 +0000

Network Forensics and HTTP/2
first publicly released version of Hypertext Transfer Protocol (HTTP), HTTP 1.0, was released in 1996. HTTP is an application-level protocol for distributed, collaborative, hypermedia information systems (Berners-Lee, Fielding, & Frystyk, 1996). It is the basis of communication for the World Wide Web.
Mon, 18 Jan 2016 00:00:00 +0000

How to Leverage PowerShell to Create a User-Friendly Version of WinDump
professionals rely on a myriad of tools to accomplish their job. This is no different than the toolboxes that plumbers, electricians, and other trade professionals carry with them every day.
Mon, 18 Jan 2016 00:00:00 +0000

Testing stateful web application workflows
technology made it possible for web servers to return dynamic content, web applications started out simple. As the development of more and more applications shifted from desktop operating systems to the web, complexity grew.
Thu, 14 Jan 2016 00:00:00 +0000

The Edge (of the Network) is Everywhere Redefining the traditional sense of the perimeter
a network from untrusted access is not a new concept. It is an essential component to network design. Similar to the ancient city of Troy, networks are built with solid walls surrounding them in an attempt to prevent unauthorized access.
Thu, 14 Jan 2016 00:00:00 +0000

The Nightmare on Cryptville Street: 20 Pills for a Night of Sleep
to Center for Strategic and International Studies, by the year 2014, cybercrime has grown into its own $400+ billion industry and has plenty of room for growing potential (2014).
Tue, 12 Jan 2016 00:00:00 +0000

An Organic Approach to Implementing the Critical Security Controls
Critical Security Controls (CSCs) describe a set of specific actions designed to improve an organization’s ability to resist or recover from information security incidents ("CIS critical security controls," 2015).
Tue, 12 Jan 2016 00:00:00 +0000

Zork as a Computer Investigative Mind Set
not the first text adventure (alternatively known as “interactive fiction genre”) game, Zork is possibly the most well-known one. It was created in the late 1970’s on a PDP-10 mainframe computer by Massachusetts Institute of Technology (MIT) students Tim Anderson, Marc Blanc, Bruce Daniels and Dave Lebling.
Thu, 07 Jan 2016 00:00:00 +0000

Developments in Car Hacking
the developed world, there is arguably no appliance more prevalent in people’s lives than the automobile.
Thu, 07 Jan 2016 00:00:00 +0000