The SANS Analyst Program produces leading analyst reports on emerging and mission-critical topics. An average of 11,500 people download SANS Analyst papers each month. Leading SANS analysts and instructors develop the content in the form of whitepapers, product reviews and surveys with accompanying webcasts that produce leads for sponsors. SANS Analyst Program content, paired with webcasts, helps sponsors drive topic awareness to a qualified audience of decision makers and influencers through insightful educational content that addresses problems readers need to solve today and in the future.
The SANS Analyst Program develops state-of-the-art reports on cutting-edge technology topics including:
- Security by Design
- Cloud & DevOps
- Access and Identity Management
- IoT/ICS Security
- Analytics & Intelligence
- Threat Hunting & IR
- SOC Trends
- Measuring Risk
Industry-specific papers are developed in the areas of:
- Health Care
- Financial Services
- Government
- Industrial IT
Spotlight Analyst Project
SANS DevOps Survey: Sneak Peak
See Frank Kim describe preliminary results of the Secure DevOps survey at the SANS Secure DevOps Summit & Information Security Training. In the video Frank Kim discusses the latest survey of industry practitioners and examines how the security and risk management leaders approach the collaborative, agile nature of DevOps.
Upcoming Analyst Papers and Research Sponsorship Opportunities
| A SANS 2020 Report | ICS Asset Identification: It's More Than Just Security!In this whitepaper, SANS ICS Active Defense and Incident Response certified instructor Mark Bristow will provide recommendations and guidance on starting and supporting an asset identification program. | |||
| A SANS 2020 Report | Measuring and Improving Cyber Defense Using the MITRE ATT&CK FrameworkIn this paper, SANS instructor and analyst John Hubbard will cover the most important aspects of understanding and utilizing the ATT&CK framework. | |||
| A SANS 2020 Survey | Closing the Critical Security Skills Gap for Modern and Effective Security Operations Centers SurveyThis survey focuses on developing insight into key areas which security operations skills needs are changing rapidly as threats evolve and business use of the cloud increases. | |||
| A SANS 2020 Survey | Improving the Bottom Line with Measures, Metrics and KPIsThis survey, developed by SANS Analyst Program Research Director Barbara Filkins, will explore how cybersecurity metrics can demonstrate business value and reduce risks. | |||
| A SANS 2020 Survey | Enterprise Cloud Incident Response SurveyThis survey will provide an overview of how organizations are tackling the new frontier of incident response in multiple enterprise cloud environments. | |||
| A SANS 2020 Survey | Extending DevSecOps Security Controls into the CloudThis survey will explore how organizations are extending their DevSecOps security controls beyond their on-premises environments into the public cloud to secure their cloud networks, services and applications. | |||
| A SANS 2020 Survey | Risk-Based Vulnerability Survey This survey will focus on how organizations are analyzing and treating the vulnerabilities they identify. |
|||
| A SANS 2020 Report | Pervasive and Unrelenting: Ransomware Special Report This paper will explain why and how ransomware is spreading across vulnerable organizations and provide US-CERT advice on preventing these attacks and NIST guidance on detecting and recovering from them. |
|||
| A SANS 2020 Survey | Proactive vs. Reactive: Getting Real About Threat Hunting Survey This survey looks into why organizations aren't utilizing threat hunting to detect threats before they become incidents and how security departments can reap the benefits of proactive hunting. |
|||
| A SANS 2021 Survey | Cyber Threat Intelligence SurveyThis survey seeks to understand the role of cyber threat intelligence in organization's cybersecurity practices, identify use cases across intel generation and consumption, and guide best practices for the community. | |||
| A SANS 2021 Survey | Top CISO Issues in Vendor Risk Management & Data Privacy This survey will look into the concerns of CIOs, CTOs, CISOs, Data Privacy Officers, and the "Big Four' for their guidance, fears, and success worldwide with vendor risk management and data privacy. |
|||
| A SANS 2021 Report | Top New Attacks and Threat ReportThis report will provide deeper insight into the threats highlighted during the SANS panel discussion at the 2021 RSA Conference. | |||
| A SANS 2021 Survey | Endpoint Monitoring in a Dispersed WorkforceThis survey will explore the importance of endpoint monitoring in modern enterprises and how endpoint monitoring contributes to asset identification, incident response, containment and more. | |||
| A SANS 2021 Survey | Password Management and 2 Factor Authentication Methods SurveyThis survey will explore how organizations are managing their passwords across users, apps and devices. | |||
| A SANS 2021 Report | Top Skills Analysts Need to MasterThis report will discuss the top skills security analysts need to master to be effective at defending organizations across endpoints, networks, and the cloud. | |||
| A SANS 2021 Survey | Security Operations Center (SOC) SurveyThis survey will have a special focus around changes in budgets and the impact of the explosion of both remote work and the use of cloud based systems on critical SOC functions and team operations. | |||
| A SANS 2021 Survey | Making Visibility Definable and MeasurableThis survey will capture best practices in defining and achieving business-relevant levels of security visibility. | |||
| A SANS 2021 Survey | Cloud Security SurveyThis survey will explore the types of services organizations are using, what types of controls and tools provide the most value, and how effective cloud security brokering is for a range of use cases. | |||
| A SANS 2021 Report | Securing Cell PhonesThis report will explore how users are protecting their phones at a device and/or application level and gain insights on how organizations secure their company-provided, enterprise devices. |
Featured Analyst Resources
- Product Review: Investigating Like Sherlock: A SANS Review of QRadar Advisor with Watson – Matt Bromiley
- Spotlight Paper: Thinking like a Hunter: Implementing a Threat Hunting Program
- Custom Survey: What Security Practitioners Really Do When It Comes to Security Testing – Matt Bromiley
- Whitepaper: Red, Blue and Purple Teams: Combining Your Security Capabilities for the Best Outcome – Chris Dale
- Multi-Sponsor Survey: SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters – Mathias Fuchs and Joshua Lemon
- Infographic: 10 Endpoint Security Problems Solved by the Cloud
- Analyst Poll: Cloud Readiness
- Video Add-On to Custom Paper: Defeating Attackers with Preventive Security
- SANS Guide: SANS Guide: An Evaluator's Guide to Next-Gen SIEM
- Multi-Sponsored Report: Implementer's Guide to Deception Technologies – Kyle Dickinson
Interested in sponsoring an Analyst paper? Contact Us.
