This report discusses the proper workflows in Security Optimization.

This report discusses the Security Operations Center and how it is being architected in organizations with some consensus on what should be done. The paper details the issues and problems that need to be resolved as this area of expertise continues to grow.

This newly released SANS survey suggests the need to broaden the definition of endpoint to include the user. The two most common forms of attacks reported are browser-based attacks and social engineering, both of which are directed at users, not technology. Download this survey report to learn other key issues surrounding endpoint protection.

This report is based on a survey that sought to see how organizations were protecting their data.

From the report, “In the following pages, we examine the results of the survey in detail and offer guidelines and feedback on how our industry can continue to improve. The show must go on—but it is far from over.”

Distributed denial of service (DDoS) attacks continue to grow in frequency, sophistication and bandwidth. Due to a recent SANS survey, 378 security and network managers reveal that they are experiencing more frequent and sophisticated DDoS attacks These and other trends are discussed in the rest of this report.

This report discusses the results of a survey conducted in 2017 to determine what information, concerns and security choices organizations are making with the cloud and the security of the cloud.

The aim of this paper is to establish a database on studies, articles and working papers on cyber risk and cyber risk insurance.Based on this, we provide insurance practitioners and academics a high-level overview of the main research topics and future research directions in the field.

During the research for this report, two key findings were discovered that uncovered why awareness programs thrive or fail.

This paper outlines five major components of a life-cycle approach to defense and how companies can adopt this model to maximize security in the current threat landscape.

This is the result of SANS 2018 Cyber Threat Intelligence Survey. The survey focuses on how organizations could collect security intelligence data from a variety of sources, and then recogniza and act up on indicators of attach and compromise scenarious in a timely manner.

From the report, “Application security (AppSec) is maturing for most organizations, according to the 475 respondents who took the SANS 2016 State of Application Security survey. In it, respondents recognize the need for AppSec programs and are working to improve them, despite a lack of the necessary skills, lack of funding and management buy-in, and silos between departments hampering their AppSec programs.”