Students: Resources


SANS Learning Resource Center

The challenges of information security are constantly evolving, and excellence in performance demands continuous monitoring of changes in threats, technology, and practices. SANS conducts an extensive research program that will help SANS Technology Institute students and alumni maintain their edge in security. All of these services are available at no cost to SANS Technology Institute students and alumni unless otherwise specified. SANS supplies a learning resource center through the SANS Resources Center, which is a compilation of thousands of original research papers, security policies, security notes, along with a wealth of unique network security data.

  1. SANS Information Security Reading Room contains more than 1,600 original research studies, not available from any other source, in over 70 categories relevant to the study of information security.

    The papers in the SANS Reading Room were prepared by information security professionals to meet the requirements to earn SANS GIAC (Global Information Assurance Certification) certifications. On average, each of the papers reflects 30 to 40 hours of original research.

  2. The SANS Security Policy Collection contains model security policies developed by major corporations and government agencies. They serve as guides and templates for security managers who need to understand and create effective security policies. At the time this was written, the Policy collection contained about 35 policies. The collection grows as new security issues arise and policy templates are needed.
  3. The SANS Top-20 2009 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore; the leading security software vendors and consulting firms; the top university-based security programs; the Internet Storm Center, and many other user organizations.
  4. The SANS Newsletter Collection helps you to keep up with the high level perspective of the latest security news.
  5. The security glossary is among the largest glossary of security terms available on the Internet, it was developed jointly by SANS and the National Security Agency. It provides authoritative definitions of many of the specialized terms students will encounter.
  6. The SANS Internet Storm Center Archives contains contemporaneous analyses of new attacks that are discovered on the Internet. Internet Storm Center is the first site most government and commercial security officers visit after learning of a new attack because experts come together at that site to share what they have learned about the damage being done by the new attack and what can be done to block the attack. The archives form an extraordinary research asset because of the depth of the analysis and the currency of the topics covered. Internet Storm Center archives also provide SANS students with access to raw data, summaries, and query facilities to analyze malicious Internet traffic records. This is a rich data source for advanced security research projects looking at attack patterns and how fast worms spread through the Internet.
  7. S.C.O.R.E. A community of security professionals working to develop consensus regarding minimum standards and best practice information. This cooperative research program delivers authoritative checklists and tools that enable you to measure the effectiveness of the security of various aspects of your defensive arsenal.
  8. SANS Web Briefings
    Several times a month, SANS faculty and other Security experts provide up-to-date web briefings for SANS alumni on new threats seen at Internet Storm Center, new technologies that are emerging, and analysis of security trends. These web briefings are archived so you may listen to them at any time. SANS WhatWorks - Choosing the right security software that actually does what the vendors claim is far more difficult than it should be. Many organizations end up with security tools that do not work effectively and their organizations and customer information are put unnecessarily at risk. SANS WhatWorks enables alumni and others who are using security tools to share their experience both good and bad in implementing security tools. They deliver that information to you as webcasts (available at all times), and textual case studies. The program allows you to eliminate months of trying to decide whether all the sales pitches you are getting reflect reality.
  9. Popular Resources on Computer Security FAQ providing answers to common information requests about computer security and links to additional reading.
  10. SANS Resources Center constantly adds resource material, so please check it frequently.

GIAC Learning Resource Center

The GIAC resources page offers several white papers on key issues included in the Common Body of Knowledge and is a rich source of resources for every person seeking certification and technical expertise in network security and information security.

Library Book Resources

Students may borrow books/media from SANS Technology Institute (STI). To view the list of library contents, click on the Excel spreadsheet here. Students may have up to 3 borrowed books in their possession at the same time for research on papers and projects that are required by the Master's Program. They may keep the book(s) for up to one month. They may renew the book(s) for one additional month by sending an e-mail request to before the original due date. Requests for a book(s) should be e-mailed to If the book is available in the library, it will be mailed to the student by first class mail or priority mail or similar method to the address that the student indicates. Students must return them in good condition using first class mail or priority mail or similar method with a postmark on or earlier than the due date. (Students should NOT use a "book rate" mailing method of return since it is too slow). Students are welcome to suggest books that they would like STI to consider adding to its library. Applicants who are accepted to STI after January 31, 2007 will be charged a non-refundable $50 Library/Media Fee as a condition of acceptance or upon acceptance. If a student loses a book, they must pay for the cost of replacement (including tax and shipping cost, if any) plus a $15.00 handling charge. STI retains the right to impose late fees for over-due books. Also, all charges/fees/fines must be paid in full by the student before a degree will be awarded to a student.

Malware Lab Resources

Malware Lab from the SANS Internet Storm Center Handlers and Malware Group. It will be available for use by master's degree students of SANS Technology Institute as follows: The student must submit a one page proposal to outlining how the student wishes to use it. If the request is approved, the student will be given a vpn account to access the malware lab.

Internet Storm Center/DShield Resources

Internet Storm Center/DShield - (DShield/ISC) - with its data. It will be available for use by master's degree students of SANS Technology Institute as follows: The student must submit a one page proposal to outlining how the student wishes to use it. If the request is approved, the student will be given ssh access to the DShield data via its research mirror at the University of Wisconsin, or the student will be given a vpn account to access the malware lab.

Other Resources on this Website

This resources section also includes the Leadership Laboratory, Musings, Master's Student's Presentations and Projects.

General IT and Management Resources:

The following resources are available to SANS Technology Institute students, and are maintained by other organizations. Many of the resources are freely available, but some require registration and fees for use:

Case Study and Research Databases:

Magazine Databases:

    This site provides a search engine for locating individual magazine articles on the web.
  • Periodicals in Maryland Libraries
    This site provides a listing of periodicals owned by Maryland libraries — useful when unable to find the full text articles online.
    This site offers access to articles published in the last two years from over 300 publications.