SANS Information Security Reading Room

SANS 2009

More than 35 courses, SANS top instructors, all in one great place! SANS 2009 is being held in Orlando, FL on March 2-9. Register today!

Gathering Security Metrics and Reaping the Rewards

Category: Management & Leadership

Paper Added: November 16, 2009

Hey Dude! I Can Do a Great Humphrey Bogart!

Category: Network Devices

Paper Added: November 11, 2009

A Multi-Perspective View of PHP Remote File Include Attacks

Categories: Intrusion Detection,Intrusion Prevention

Paper Added: November 10, 2009

Check Point Firewall Log Analysis In-Depth

Category: Logging Technology and Techniques

Paper Added: November 10, 2009

Efficiently Deducing IDS False Positives Using System Profiling

Categories: Intrusion Detection,Intrusion Prevention

Paper Added: November 9, 2009

Why Crack When You Can Pass the Hash?

Category: Penetration Testing

Paper Added: November 3, 2009

A Fuzzing Approach to Credentials Discovery using Burp Intruder

Category: Penetration Testing

Paper Added: October 29, 2009

Women in IT Security Project Management

Category: Management & Leadership

Paper Added: October 27, 2009

Two-Factor Authentication: Can You Choose the Right One?

Category: Authentication

Paper Added: October 15, 2009

Security Concerns in Using Open Source Software for Enterprise Requirements

Category: Security Awareness

Paper Added: October 8, 2009

Harness the Power of SIEM

Categories: Intrusion Detection,Logging Technology and Techniques

Paper Added: October 6, 2009

Cisco Security Agent and Incident Handling

Category: Incident Handling

Paper Added: October 1, 2009

Best Practices in Data Protection: Encryption, Key Management and Tokenization

Categories: Application/Database Sec,Best Practices,Encryption & VPNs,Compliance

Paper Added: September 29, 2009

Six Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder data

Categories: Best Practices,eCommerce,Encryption & VPNs,Compliance

Paper Added: September 29, 2009

Simple Windows Batch Scripting for Intrusion Discovery

Categories: Auditing & Assessment,Incident Handling

Paper Added: September 29, 2009

Mitigating Insider Sabotage

Categories: Case Studies,Incident Handling

Paper Added: September 28, 2009

Security Incident Handling in High Availability Environments

Category: Incident Handling

Paper Added: September 15, 2009

Investigative Tree Models

Category: Incident Handling

Paper Added: September 15, 2009

Mac OS X Malware Analysis

Category: Forensics

Paper Added: September 8, 2009

Incident Handlers Guide to SQL Injection Worms

Category: Incident Handling

Paper Added: June 18, 2009

Building an Automated Behavioral Malware Analysis Environment using Open Source Software

Category: Tools

Paper Added: June 18, 2009

PCI DSS and Incident Handling: What is required before, during and after an incident

Category: Compliance

Paper Added: June 16, 2009

Virtual Rapid Response Systems

Category: Incident Handling

Paper Added: June 11, 2009

Effective Time and Communication Management

Category: Management & Leadership

Paper Added: June 9, 2009

IOScat - a Port of Netcat's TCP functions to Cisco IOS

Category: Tools

Paper Added: May 29, 2009