Reading Room

More than 75,000 unique visitors read papers in the Reading Room every month and it has become the starting point for exploration of topics ranging from SCADA to wireless security, from firewalls to intrusion detection. The SANS Reading Room features over 3,390 original computer security white papers in 112 different categories.

Analyst Papers: To download the Analyst Papers, you must be a member of the SANS.org Community. Upon joining the community, you will have unlimited access to Analyst Papers and all associated webcasts, including the ondemand version where you can download the slides.

Latest 25 Papers Added to the Reading Room

• SANS 2023 CTI Survey: Keeping Up with a Changing Threat Landscape Analyst Paper (requires membership in SANS.org community)
  by Katie Nickels - July 17, 2023 

  •  Login
  •  Join SANS.org

• ---

• Security & Operational Intelligence Analyst Paper (requires membership in SANS.org community)
  by Matt Bromiley - July 11, 2023 

  •  Login
  •  Join SANS.org

• ---

• 2023 SANS Survey on API Security Analyst Paper (requires membership in SANS.org community)
  by John Pescatore - July 11, 2023 

  •  Login
  •  Join SANS.org

• ---

• SANS Review: reCAPTCHA Enterprise Analyst Paper (requires membership in SANS.org community)
  by Dave Shackleford - July 10, 2023 

  •  Login
  •  Join SANS.org

• ---

• SANS 2023 Attack and Threat Report Analyst Paper (requires membership in SANS.org community)
  by Terry Allan Hicks - June 26, 2023 

  •  Login
  •  Join SANS.org

• ---

• Breaking IT/OT Silos With ICS/OT Visibility Analyst Paper (requires membership in SANS.org community)
  by Jason Christopher - June 22, 2023 

  •  Login
  •  Join SANS.org

• ---

• 2023 SANS Report: Architecting a Cloud Security Guardrails Model Analyst Paper (requires membership in SANS.org community)
  by Dave Shackleford - June 20, 2023 

  •  Login
  •  Join SANS.org

• ---

• Protecting CI/CD Pipelines: Growing Threats and the Keys to Securing Them Analyst Paper (requires membership in SANS.org community)
  by Chris Edmundson - June 20, 2023 

  •  Login
  •  Join SANS.org

• ---

• Kubernetes: Stealing Service Account Tokens to Obtain Cluster-Admin by Cory Helco - June 14, 2023 in Auditing & Assessment

  •  Download

• ---

• SANS 2023 SOC Survey Analyst Paper (requires membership in SANS.org community)
  by Chris Crowley, Barbara Filkins, and John Pescatore - June 13, 2023 

  •  Login
  •  Join SANS.org

• ---

• Cloud-Native Application Protection Platforms (CNAPPS) Buyers Guide Analyst Paper (requires membership in SANS.org community)
  by Dave Shackleford - June 2, 2023 

  •  Login
  •  Join SANS.org

• ---

• SANS 2023 Survey: Visibility and Attack Surface Analyst Paper (requires membership in SANS.org community)
  by Doc Blackburn and Mark Williams - May 30, 2023 

  •  Login
  •  Join SANS.org

• ---

• 2023 SANS Report: Digital Forensics Analyst Paper (requires membership in SANS.org community)
  by Heather Mahalik and Domenica Crognale - May 9, 2023 

  •  Login
  •  Join SANS.org

• ---

• Applying Threat Intelligence to Containers by Brandon Helms - May 3, 2023 in Active Defense

  •  Download

• ---

• Survey Threat Hunting: Focusing on the Hunters and How Best to Support Them Analyst Paper (requires membership in SANS.org community)
  by Mathias Fuchs and Josh Lemon - April 20, 2023 

  •  Login
  •  Join SANS.org

• ---

• Zero Trust-Based Access Management and Remote Access for OT-IT-Cloud Analyst Paper (requires membership in SANS.org community)
  by Stephen Mathezer - April 11, 2023 

  •  Login
  •  Join SANS.org

• ---

• Managed Detection and Response: Optimizing External Expertise Analyst Paper (requires membership in SANS.org community)
  by Chris Crowley - April 3, 2023 

  •  Login
  •  Join SANS.org

• ---

• Streamline and Eliminate Audit Procedures Analyst Paper (requires membership in SANS.org community)
  by Matt Bromiley - March 28, 2023 

  •  Login
  •  Join SANS.org

• ---

• Self-Supervised Learning Cybersecurity Platform for Threat Detection Analyst Paper (requires membership in SANS.org community)
  by Matt Bromiley - March 28, 2023 

  •  Login
  •  Join SANS.org

• ---

• 2023 SANS Report: The State of MDR Analyst Paper (requires membership in SANS.org community)
  by Dave Shackleford - March 21, 2023 

  •  Login
  •  Join SANS.org

• ---

• Living Off the Land as a Defender: Detecting Attacks with Flexible Baselines by Justin Store - March 15, 2023 in Active Defense

  •  Download

• ---

• 2023 Report: Become Timeless: The Present and Future Skills Needed for Cybersecurity Job Success at Any Level Analyst Paper (requires membership in SANS.org community)
  by Kevin Garvey - March 15, 2023 

  •  Login
  •  Join SANS.org

• ---

• Ransomware and Malware Intrusions in 2022 (And Preparing for 2023!) Analyst Paper (requires membership in SANS.org community)
  by Matt Bromiley - March 2, 2023 

  •  Login
  •  Join SANS.org

• ---

• Really, How Bad Do Routers Have It? Analyst Paper (requires membership in SANS.org community)
  by Jesse Schibilia - February 22, 2023 

  •  Login
  •  Join SANS.org

• ---

• A DNS Security Architecture as SecOps Force Multiplier Analyst Paper (requires membership in SANS.org community)
  by John Pescatore - February 20, 2023 

  •  Login
  •  Join SANS.org

• ---

SANS.edu Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.