We’ve compiled a list of the most-popular Free Resources created by SANS Faculty and team in 2021. Keep current, elevate your knowledge, and earn CPEs with the best free resources in cybersecurity.

 Top 10 Webcasts

1. Ransomware - Do You Pay It Or Not? - Experts debate the costs and ethics surrounding ransomware payments—Ryan Chapman, Matthew Toussain, Jake Williams & James Shank
2. Out in the Wild: How OSINT Supports Proactive Defense—Jackie Abrams
3. Pen Testing API Security in the Web & Cloud—Mohammed Aldoub
4. Unpacking the Hype—What You Can (and Can’t) Do to Prevent/Detect Software Supply Chain Attacks—Jake Williams
5. Using Marketplaces for Valuable OSINT Data—Jake Creps
6. What Did Solarwinds Teach Us? Preventing Office 365 and Connected Cloud Attacks—Sundaram Lakshmanan & Matt Hines
7. Creating Resiliency in Third Party Risk Management—Art Coviello, Robert Herjavec & Nicole Rowe
8. Contextualizing the MITRE ATT&CK® Framework—Matt Bromiley & Avihai Ben-Yossef
9. Burp Suite Cheat Sheet & Tips and Tricks—Chris Dale
10. Cryptography – “The Encryption and Password Hashing Recipe (with a little salt).”—Bryan Simon
    
    
    
    

Top 10 Blogs

1. CIS Controls v8
2. The Ultimate List of SANS Cheat Sheets
3. Getting Started in Cybersecurity with a Non-Technical Background
4. Must-Have Free Resources for Open-Source Intelligence (OSINT)
5. How you can start learning malware analysis
6. What you need to know about the SolarWinds Supply Chain Attack
7. Time for password Expiration to Die
8. Intro to Report Writing for Digital Forensics
9. A Step-by-step Intro to using the autopsy forensic browser
10. Forensics 101 – Acquiring an image with FTK image
    
    

 Top 10 Open-Source Tools

1. SIFT Workstation VM Appliance
2. EZ Tools
3. Slingshot Community Edition
4. SOF-ELK®
5. The Pyramid of Pain
6. REMnux®
7. Risk Definitions
8. NIST CSF+
9. Human Metrics Matrix
10. Timeline Explorer

Top 10 Summit Videos 

1. Keynote: Cobalt Strike Threat Hunting Chad Tilbury, Senior Instructor, SANS Institute
2. Simplifying and Demystifying Security in the Cloud Jerich Beason, Chief Information Security Officer, Epiq
3. Keynote: Understanding the Effectiveness of Exploit Mitigations for Purple Teams Stephen Sims, Fellow, SANS Institute, Fellow, SANS Institute
4. Threat Intel for Everyone: Writing Like A Journalist To Produce Clear, Concise Reports Selena Larson, Cyber Threat Analyst
5. Landing a Job: Resumes & The Application Process Lesley Carhart, Principal Threat Analyst, Dragos Lesley Carhart, Principal Threat Analyst, Dragos
6. A River Runs Through IT: What Whitewater Rafting Taught Me About Incident Response Stef Rand, Incident Response Consultant, FireEye/Mandiant
7. Killing Time (ICS Summit) Tim Conway, Certified Instructor, SANS Institute & Jeff Shearer, Instructor, SANS Institute
8. Keynote: OSINT Efficiency: Extending & Building Tools Chris Poulter, CEO, OSINT Combine
9. Kubernetes Goat – Interactive Kubernetes Security Learning Playground Madhu Akula, Security Engineer, Miro
10. ICS Security Summit 2021 Keynote Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology on the National Security Council

SANS Virtual Summits will continue to be FREE to the global community in 2022!
Be sure to check out the latest Summit listing and get registered, or to opt in to be notified as registration opens for your favorite Summits in 2022.

Top 10 Whitepapers

1. How to Integrate Security into the DevOps Pipeline in AWS—Dave Shackleford
2. Making Revolutionary Gains in Security on Your Endpoints—John Pescatore
3. 2021 Ransomware Case Study: Identifying High Priority Security Controls for Public Institutions—Anthony Luna
4. Data First: Defending Your Organization from Within—Matt Bromiley
5. Combating Insider Threats with People, Processes, and AI-Based Technology—Heather Mahalik
6. Maximizing Security Value Through External Attack Surface Management—Jake Williams
7. Cities of the Future: Smart with Secure Infrastructure—Dean Parsons
8. Understanding Your Attack Surface—Matt Bromiley
9. Password Management and Two-Factor Authentication Methods Survey—Chris Dale
10. End-to-End Security Operations Management in a SOAR Platform—Chris Crowley

If your 2022 plans include doubling down on your training goals, learning new cybersecurity skills, leveling up in your career, and earning CPEs, make sure to check out sans.org/free for all the latest free resources for the community!

"The more SANS content I consume, the more I see thoroughness and thoughtfulness that I've not seen in other technical trainings." - Laura F., U of MN