Live, interactive cybersecurity training available through SANS Live Online. View upcoming events.

Reading Room

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.





Threats/Vulnerabilities

Featuring 143 Papers as of August 6, 2020

  • Generating Hypotheses for Successful Threat Hunting Analyst Paper (requires membership in SANS.org community)
    by Robert M. Lee and David Bianco - August 15, 2016 

    Threat hunting is a proactive and iterative approach to detecting threats. Although threat hunters should rely heavily on automation and machine assistance, the process itself cannot be fully automated. One of the human’s key contributions to a hunt is the formulation of a hypotheses to guide the hunt. This paper explores three types of hypotheses and outlines how and when to formulate each of them.

  • View All Threats/Vulnerabilities Papers

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

SANS.edu Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.





Latest Whitepapers

Improving the Bottom Line with Effective Security Metrics: A SANS Survey
By Barbara Filkins

60870-5-104 protocol snort rule customization
By Adrian Aron

Chaining Vulnerability Scans inTenable IO Using Python
By Jeff Holland

Last 25 Papers »

Latest Tweets @SANSInstitute

Earn this coin by winning the Challenge on the final day of [...]
August 12, 2020 - 11:35 PM

Explore the results of the 2020 SANS #Security #Metrics Surv [...]
August 12, 2020 - 10:45 PM

The @CertifyGIAC Certified Forensic Examiner (#GCFE) cert sh [...]
August 12, 2020 - 9:55 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"The perfect balance of theory and hands-on experience."
- James D. Perry II, University of Tennessee

"SANS is a great place to enhance your technical and hands-on skills and tools. I thoroughly recommend it."
- Aaron Waugh, Datacom NZ Ltd

"Just amazing content and instruction, it's really a 'must do' for any info sec professional."
- Mark Austin, PHH Mortgage