Top Cybersecurity Instructors and Best Offers of the Year Available Now - Learn More!

Reading Room

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.


Featuring 154 Papers as of March 31, 2021

  • How to Protect a Modern Web Application in AWS Analyst Paper (requires membership in community)
    by Shaun McCullough - May 9, 2019 

    In moving assets to the cloud, organizations need to prioritize their security plans based on the risks to which they are exposed. With threat modeling, organizations can identify and prioritize the risks to infrastructure, applications and the services they provide, as well as evaluate how to manage those risks over time. This paper includes use cases for threat modeling web apps and the DevSecOps platform, using a process that is both repeatable and improvable.

  • View All Threats/Vulnerabilities Papers

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact

All papers are copyrighted. No re-posting or distribution of papers is permitted. Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.