Reading Room

Analyst Papers

Featuring 451 Papers as of January 18, 2021

To download the Analyst Papers, you must be a member of the SANS.org Community. Upon joining the community, you will have unlimited access to Analyst Papers and all associated webcasts, including the on-demand version where you can download the slides.

  • Analyzing Malicious Behavior Effectively with ExtraHop Reveal(x) by Dave Shackleford - January 4, 2021 

    In the past decade, the information security industry has learned a lot about what attackers do during campaigns against targets. Once a compromise has occurred, attackers attempt to maintain a persistent presence within the victim's network, escalate privileges, and move laterally within the victim's network to extract sensitive information to locations under the attacker's control.

    ExtraHop's Reveal(x) security analytics product provides security analysts with a platform that can rapidly analyze huge quantities of data without acquiring full network packets. In this paper, Dave Shackleford reviews ExtraHop's Reveal(x) and shares his insights on the many enhancements and new features that help intrusion analysis and investigation teams analyze malicious behavior in their environments more rapidly and effectively.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

SANS.edu Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.