The SANS 2022 Security Awareness Report analyzes data provided by more than a thousand security awareness professionals from around the world to identify and benchmark how organizations are managing their human risk. (more available)

For our survey, we targeted successful women working in varied roles in the cybersecurity community, and we queried them about everything from breaking into the field and gaining career momentum to choosing a specialty and finding ways to remain relevant. (more available)

The SANS CTI survey shows that many CTI programs can meet the challenge. While some programs are just getting started due to increased cybersecurity needs and a growing, complex threat environment brought on by the rapid shift to remote work, organizations can rely on CTI providers and information-sharing groups to fill in the gaps as their programs mature. (more available)

In this white-paper, we address both high-level concepts: With respect to ransomware, what are the current adversary trends, and then what can organizations do to defend themselves (or better defend themselves)? (more available)

The goal of the SANS 2022 Cloud Security Survey is to provide additional insight into how organizations are using cloud today, the threats security teams are facing in the cloud, and what we are doing to improve security posture in the cloud, as well. (more available)

The goal of the SANS 2021 Cloud Security Survey is to provide additional insights into how organizations are using the cloud today, the threats security teams are facing in the cloud, and what they’re doing to improve security posture in the cloud. (more available)

A survey of 450 individuals on cybersecurity spending plans, areas of investment, and workforce requirements.

Automation and integration is often hailed as a great enabler for the future. This survey identified how respondents are adopting systems, where their systems currently stand and what is on the planning horizon. (more available)

A lot of progress has been made in the past few years around requirements. Next steps in this area include identifying when and why to update intelligence requirements—even ad hoc adjustments can be planned for by identifying the circumstances under which they would need to be changed. (more available)

We annually gather and analyze raw data from hundreds of IT and industrial control systems (ICS) security practitioners across a variety of industries, people whose work places them in positions of responsibility to identify risks and safeguard control systems and networks from malicious and accidental actions. (more available)

A survey of over 300 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

This 2019 edition of the SANS Security Operations Center (SOC) Survey was designed to provide objective data to security leaders and practitioners who are looking to establish a SOC or optimize their existing SOCs. (more available)

This year’s SANS survey saw an increase in usage and interest in CTI, along with a diversification in how the intelligence is being used by organizations. (more available)

Automation balances machine-based analysis with human-based domain knowledge to help organizations achieve optimal workflows in the face of staff shortages and alert fatigue, all caused by an increasing number of destructive threats. (more available)

This survey, the sixth in a series of annual studies by SANS on security practices in software development, is the first to explicitly focus on DevOps. (more available)

This report analyzes the data submitted by 1,718 security awareness professionals from around the world to identify and benchmark how organizations are managing their human cyber security risk. (more available)

This report is based on a survey, that is intended to provide a community perspective on what security operations centers (SOCs) look like within organizations across the globe, as well as data and guidance to enable organizations to build, manage, maintain and mature effective and efficient SOCs. (more available)

This report discusses the proper workflows in Security Optimization.

This report discusses the Security Operations Center and how it is being architected in organizations with some consensus on what should be done. (more available)

This newly released SANS survey suggests the need to broaden the definition of endpoint to include the user. The two most common forms of attacks reported are browser-based attacks and social engineering, both of which are directed at users, not technology. (more available)

This report is based on a survey that sought to see how organizations were protecting their data.