Last 25 papers added to the Reading Room

Last Updated Nov 03, 2009
Why Crack When You Can Pass the Hash?
Christopher Hummel
Category: Penetration Testing
Posted: November 3, 2009

A Fuzzing Approach to Credentials Discovery using Burp Intruder
Karl Dawson
Category: Penetration Testing
Posted: October 29, 2009

Women in IT Security Project Management
Gurdeep Kaur
Category: Management & Leadership
Posted: October 27, 2009

Two-Factor Authentication: Can You Choose the Right One?
Emilio Valente
Category: Authentication
Posted: October 15, 2009

Security Concerns in Using Open Source Software for Enterprise Requirements
Sreenivasa Vadalasetty
Category: Security Awareness
Posted: October 8, 2009

Harness the Power of SIEM
Dereck Haye
Category: Intrusion Detection
Posted: October 6, 2009

Cisco Security Agent and Incident Handling
Greg Farnham
Category: Incident Handling
Posted: October 1, 2009

Best Practices in Data Protection: Encryption, Key Management and Tokenization
nuBridges, inc
Category: Application/Database Sec
Posted: September 29, 2009

Six Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder data
nuBridges, inc
Category: Best Practices
Posted: September 29, 2009

Simple Windows Batch Scripting for Intrusion Discovery
Tim Proffitt
Category: Auditing & Assessment
Posted: September 29, 2009

Mitigating Insider Sabotage
Joseph Garcia
Category: Case Studies
Posted: September 28, 2009

Security Incident Handling in High Availability Environments
Algis Kibirkstis
Category: Incident Handling
Posted: September 15, 2009

Investigative Tree Models
Rodney Caudle
Category: Incident Handling
Posted: September 15, 2009

Mac OS X Malware Analysis
Joel Yonts
Category: Forensics
Posted: September 8, 2009

Incident Handlers Guide to SQL Injection Worms
Justin Folkerts
Category: Incident Handling
Posted: June 18, 2009

Building an Automated Behavioral Malware Analysis Environment using Open Source Software
Jim Clausing
Category: Tools
Posted: June 18, 2009

PCI DSS and Incident Handling: What is required before, during and after an incident
Christian J. Moldes
Category: Compliance
Posted: June 16, 2009

Virtual Rapid Response Systems
Chris Mohan
Category: Incident Handling
Posted: June 11, 2009

Effective Time and Communication Management
Brad Ruppert
Category: Management & Leadership
Posted: June 9, 2009

IOScat - a Port of Netcat's TCP functions to Cisco IOS
Robert Vandenbrink
Category: Tools
Posted: May 29, 2009

AppSec - Cross Site Request Forgery: What Attackers Don't Want You to Know
Jason Lam & Johannes B. Ullrich
Category: Application/Database Sec
Posted: May 22, 2009

Beer - The Key Ingredient to Team Development
Brad Ruppert
Category: Management & Leadership
Posted: May 20, 2009

An Inexpensive Wireless IDS using Kismet and OpenWRT
Jason Murray
Category: Intrusion Detection
Posted: May 4, 2009

Post Acquisition Audit in 30 Days
Brad Ruppert
Category: Auditing & Assessment
Posted: May 4, 2009

Are Network Designs Ready for a Pandemic?
Alan R. Mercer
Category: Network Devices
Posted: April 27, 2009

