- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Tools for Defense In-Depth
- WhatWorks Home
- WhatWorks Poster - Six Defensive Walls for a Layered Approach to Security
- WALL 1: Proactive Software Assurance
- WALL 2: Blocking Attacks: Network Based
- WALL 3: Blocking Attacks: Host Based
- WALL 4: Eliminating Security Vulnerabilities
- WALL 5: Safely Supporting Authorized Users
- WALL 6: Tools to Manage Security and Maximize Effectiveness
I learned more here in six days than I could in a year in terms of breadth of knowledge.
-Stephen Yuhas, TESSCO Technologies
Tools That Work
- Defensive Wall 1: Proactive Software Assurance
- 1.1 Source Code and Binary Code Testing Tools and Services (White Box Scanners)
- 1.2 Application Security Scanners (White Box Tools)
- 1.3 Application Penetration Testing
- 1.4 Application Security Skills Assessment & Certification
- Defensive Wall 2: Blocking Attacks: Network Based
- 2.1 Intrusion Prevention (IPS) & Detection (IDS)
- 2.2 Wireless Intrusion Prevention (WIPS)
- 2.3 Network Behavior Analysis and DDoS Monitoring
- 2.4 Firewalls, Enterprise Antivirus and Unified Threat Management
- 2.5 Secure Web Gateways
- 2.6 Secure Messaging Gateways and Anti-Spam Tools
- 2.7 Web Application Firewalls
- 2.8 Managed Security Services
- Defensive Wall 3: Blocking Attacks: Host Based
- 3.1 Endpoint Security
- 3.2 Network Access Control (NAC)
- 3.3 System Integrity Checking Tools
- 3.4 Configuration Hardening Tools
- Defensive Wall 4: Eliminating Security Vulnerabilities
- 4.1 Network Discovery Tools
- 4.2 Vulnerability Management
- 4.3 Network Penetration Testing and Ethical Hacking
- 4.4 Patch and Security Configuration Management and Compliance
- Defensive Wall 5: Safely Supporting Authorized Users
- 5.1 Identity and Access Management
- 5.2 Mobile Data Protection and Storage Encryption
- 5.3 Storage and Backup Encryption
- 5.4 Content Monitoring
- 5.5 Data Leak Protection and Digital Rights Management
- 5.6 Virtual Private Networks (VPNs)
- Defensive Wall 6: Tools to Manage Security and Maximize Effectiveness
- 6.1 Log Management and Security Information and Event Management
- 6.2 Media Sanitization and Mobile Device Recovery and Erasure
- 6.3 Security Skills Development
- 6.4 Security Awareness Training
- 6.5 Forensics Tools
- 6.6 Governance, Risk and Compliance Management Tools
- 6.7 Disaster Recovery and Business Continuity
About WhatWorks
SANS WhatWorks saves user organizations months of time that would be wasted in trying to uncover the truth about which Internet security tools actually work in their environments. WhatWorks is a user-to-user program in which managers from organizations that have implemented each of the effective internet security technologies tell a complete story of why they deployed it, how it works, how they know it actually improves security, what problems they faced, and what lessons they learned. Without WhatWorks, buyers are at the mercy of sales people who, too often, do not have sufficient security expertise to understand how their products fit into a defense in depth and what the tools can and cannot do. Only users know the answers to those questions. Smart buyers have always demanded an opportunity to talk to users directly. SANS WhatWorks brings those users to you in written interviews and in live and recorded webcasts where you can get your questions answered.
One aspect of the SANS WhatWorks program is a full color wall poster that highlights a complete defense in depth program. This poster goes to more than 350,000 security professionals, CISO's and CIO's. You may download the poster at www.sans.org/whatworks/poster_fall_08.pdf.
WhatWorks is just getting started; more tools and more interviews are being added every month. We are always grateful to receive feedback. Please email paller@sans.org.