Featuring 10 Papers as of April 13, 2017
Speed and Scalability Matter: Review of LogRhythm 7 SIEM and Analytics Platform Analyst Paper
by Dave Shackleford - April 13, 2017
- Associated Webcasts: Speed and Scalability Matter: SANS Review of LogRhythm 7 SIEM and Analytics Platform
Just how scalable, fast and accurate are SIEM tools when under load? To find out, we put the LogRhythm 7.2 Threat Lifecycle Management Platform to the test. We found that its clustered Elasticsearch indexing layer supported large log volumes of security and event data during simulated events that would require investigation and remediation.
DevSecOps Transformation: The New DNA of Agile Business Analyst Paper
by Dave Shackleford - February 21, 2017
This is an additional resource that accompanies the analyst paper, "The DevSecOps Approach to Securing Your Code and Your Cloud". To view the paper please click this link.
The DevSecOps Approach to Securing Your Code and Your Cloud Analyst Paper
by Dave Shackleford - February 7, 2017
- Sponsored By: CloudPassage
DevSecOps, at heart, is about collaboration. More specifically, it is continual collaboration between information security, application development and IT operations teams. Having all three teams immersed in all development and deployment activities makes it easier for information security teams to integrate controls into the deployment pipeline without causing delays or creating issues by implementing security controls after systems are already running. Despite the potential benefits, getting started with DevSecOps will likely require some cultural changes and considerable planning, especially when automating the configuration and security of assets in the cloud. To help the shift toward a more collaborative culture, security teams need to integrate with the developers who are promoting code to cloud-based applications to show they can bring quality conditions to bear on any production code push without slowing the process. Security teams should also work with QA and development to define the key qualifiers and parameters that need to be met before any code can be promoted. This paper also has an additional resource titled, "DevSecOps Transformation: The New DNA of Agile Business". The resource can be accessed by clicking this link.
Building and Maintaining a Denial of Service Defense for Businesses STI Graduate Student Research
by Matt Freeman - January 25, 2017
Distributed Denial of Service (DDoS) attacks have been around for decades but still cause problems for most businesses. While easy to launch, DDoS attacks can be difficult to sustain and even more difficult to monetize for attackers. From the business perspective, a DDoS attack might result in lost revenue but is unlikely to have the same long-term impact that a data breach may have. Recent changes in the IT landscape have made DDoS a more attractive attack vector for hackers. The industry trend to connect more and more devices to the Internet (often with minimal to no security), dubbed the "Internet of Things," has created a new marketplace for bad actors to sell their resource exhaustion services. Businesses need to consider all options when planning and implementing a defensive posture against denial of service attacks. As security vendors continue to offer new (and expensive) options to defend against these attacks, how does an InfoSec manager know which is best for their business? Using an "Offense informs the Defense" approach, this paper will analyze the methods used during DDoS attacks in order to determine the most appropriate defensive postures.
Under The Ocean of the Internet - The Deep Web
by Brett Hawkins - May 27, 2016
The Internet was a revolutionary invention, and its use continues to evolve. People around the world use the Internet every day for things such as social media, shopping, email, reading news, and much more. However, this only makes up a very small piece of the Internet, and the rest is filled by an area called The Deep Web.
How the SANS Critical Controls Prevent the Red Team from P0wning your Database STI Graduate Student Research
by N. Dean Sapp - September 4, 2014
Databases are pervasive in the technologically savvy world we live in. If electronic information is currency, then the database is the equivalent of the Federal Reserve Bank for many companies (Litchfield, 2005).
Straddling the Next Frontier Part 1: Quantum Computing Primer STI Graduate Student Research
by Eric Jodoin - September 3, 2014
Theoretical designs of Quantum Computing are progressively transmuting into practical applications.
Straddling the Next Frontier Part 2: How Quantum Computing has already begun impacting the Cyber Security landscape STI Graduate Student Research
by Eric Jodoin - September 3, 2014
Theoretical designs of quantum computing are progressively transmuting into practical applications.
Cybersecurity Professional Trends: A SANS Survey Analyst Paper
Advisors: John Pescatore, Barb Filkins, Tracy Lenzner and SANS GIAC - May 8, 2014
- Associated Webcasts: SANS 2014 Salary Survey: The State of Security Professionals Today
- Sponsored By: Arbor Networks
Survey results on evolving roles of security professionals worldwide, including new roles, titles, managerial functions, and existing and planned certifications broken out by industry and geography.
2014 Trends That Will Reshape Organizational Security Analyst Paper
by John Pescatore - April 22, 2014
- Associated Webcasts: The 2014 Security Trends Forecast: What Does 2014 Hold for Security and Its Impact on Business Professionals?
- Sponsored By: Cisco Systems Inc.
Information for security managers to facilitate focusing their investments on the areas that are most likely to impact their organizations and customers over the next several years.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact email@example.com.
All papers are copyrighted. No re-posting or distribution of papers is permitted.