Prove Skill Mastery with GIAC Certs - Free Cert Attempt Included with OnDemand Training

Reading Room

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.






Analyst Papers

Featuring 484 Papers as of June 21, 2021

To download the Analyst Papers, you must be a member of the SANS.org Community. Upon joining the community, you will have unlimited access to Analyst Papers and all associated webcasts, including the ondemand version where you can download the slides.

You must be a member of the SANS.org Community to view this paper

  • How to Fuel Your DevSecOps in AWS by Dave Shackleford - June 2, 2021 

    To build an effective and successful security automation strategy for the DevOps pipeline, organizations need to consider all parts of the pipeline. This includes securing code and repositories, monitoring and controlling privilege allocation, scanning all checked-in and modified code for vulnerabilities, and scanning all builds and images for package and component vulnerabilities. And by monitoring all running assets through cloud fabric logging, they can use event-driven automation to remediate or alert on issues. In this whitepaper, SANS Analyst Dave Shackleford describes how to bring security teams into all phases of development and during cloud operations to increase visibility and improve security posture.

  • View All Analyst Papers

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

SANS.edu Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.