SANS Institute
Encyclopedia
The SANS Institute is a private US company that specializes in internet security training. It was founded in 1989, provides computer security
training, professional certification
through Global Information Assurance Certification
(GIAC), and a research archive - the SANS Reading Room. It also operates the Internet Storm Center
, an Internet
monitoring system staffed by a global community of security practitioners. The trade name SANS (deriving from SysAdmin, Audit, Networking, and Security) belongs to the for-profit Escal Institute of Advanced Technologies.
s which combined training with tradeshow
s and vendor-oriented marketing. SANS offers computer and internet security courses in a variety of formats including a virtual classroom (SANS vLive), online training and assessments (SANS OnDemand) and live training via Community SANS, a Local Mentor Program, and the original Conference format. Free webcasts and email newsletters (@Risk, Newsbites, Ouch!) have been developed in conjunction with security vendors. The actual content behind SANS training courses and training events remain "vendor-agnostic." Vendors cannot pay to offer their own official SANS course, although they can teach a SANS "hosted" event via sponsorship.
Certifications related to SANS training courses are offered by SANS-operated GIAC
.
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
training, professional certification
Professional certification
Professional certification, trade certification, or professional designation, often called simply certification or qualification, is a designation earned by a person to assure qualification to perform a job or task...
through Global Information Assurance Certification
Global Information Assurance Certification
Global Information Assurance Certification is an information security certification entity that specialises in technical and practical certification as well as new research in the form of its GIAC Gold program...
(GIAC), and a research archive - the SANS Reading Room. It also operates the Internet Storm Center
Internet Storm Center
The Internet Storm Center is a program of the SANS Technology Institute, a branch of the SANS Institute which monitors the level of malicious activity on the Internet, particularly with regards to large-scale infrastructure events....
, an Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
monitoring system staffed by a global community of security practitioners. The trade name SANS (deriving from SysAdmin, Audit, Networking, and Security) belongs to the for-profit Escal Institute of Advanced Technologies.
SANS training
When originally organized in 1989, SANS Conferences functioned like traditional technical conferences showcasing technical presentations. By the mid-1990s, SANS evolved into a more commercial format offering eventConvention (meeting)
A convention, in the sense of a meeting, is a gathering of individuals who meet at an arranged place and time in order to discuss or engage in some common interest. The most common conventions are based upon industry, profession, and fandom...
s which combined training with tradeshow
Trade fair
A trade fair is an exhibition organized so that companies in a specific industry can showcase and demonstrate their latest products, service, study activities of rivals and examine recent market trends and opportunities...
s and vendor-oriented marketing. SANS offers computer and internet security courses in a variety of formats including a virtual classroom (SANS vLive), online training and assessments (SANS OnDemand) and live training via Community SANS, a Local Mentor Program, and the original Conference format. Free webcasts and email newsletters (@Risk, Newsbites, Ouch!) have been developed in conjunction with security vendors. The actual content behind SANS training courses and training events remain "vendor-agnostic." Vendors cannot pay to offer their own official SANS course, although they can teach a SANS "hosted" event via sponsorship.
Certifications related to SANS training courses are offered by SANS-operated GIAC
Global Information Assurance Certification
Global Information Assurance Certification is an information security certification entity that specialises in technical and practical certification as well as new research in the form of its GIAC Gold program...
.
SANS Technology Institute
SANS has branched out into the SANS Technology Institute, a degree-granting educational organization based on SANS training. SANS continues to offer free security content via the SANS Technology Institute Leadership Lab and IT/Security related leadership information.Publications
SANS instructors have contributed to many security-oriented books, such as:- Geekonomics: The Real Cost of Insecure Software (ISBN 978-0321477897)
- Blogging for Business (ISBN 978-1419536458)
- Hackers Beware: The Ultimate Guide to Network Security (ISBN 0-7357-1009-0)
- Hiding in Plain Sight : Steganography and the Art of Covert Communication (ISBN 0-471-44449-9)
- Inside Network Perimeter Security: The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems (ISBN 0-7357-1232-8)
- IT Ethics Handbook (ISBN 1931836140)
- Linksys WRT54G Ultimate Hacking (ISBN 978-1597491662)
- Malware: Fighting Malicious Code (ISBN 0-13-101405-6)
- Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition) (ISBN 0-13-148104-5)
- Know Your Enemy: Learning about Security Threats (2nd Edition) (ISBN 978-0321166463)
- Network Intrusion Detection (ISBN 0-7357-1265-4)
- Network Intrusion Detection: An Analyst's Handbook (ISBN 0-7357-1008-2)
- Snort Intrusion Detection and Prevention Toolkit (ISBN 978-1597490993)
See also
- Computer securityComputer securityComputer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
- Information securityInformation securityInformation security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction....
- Information Security ForumInformation Security ForumThe Information Security Forum is an independent, not-for-profit association of leading organizations from around the world. It is dedicated to investigating, clarifying and resolving key issues in information security, and developing best practice methodologies, processes and solutions that meet...
- Internet Storm CenterInternet Storm CenterThe Internet Storm Center is a program of the SANS Technology Institute, a branch of the SANS Institute which monitors the level of malicious activity on the Internet, particularly with regards to large-scale infrastructure events....
- Information security management systemInformation security management systemAn information security management system is a set of policies concerned with information security management or IT related risks. The idioms arose primarily out of ISO 27001....
(ISMS) - IT riskIT riskInformation technology risk, or IT risk, IT-related risk, is a risk related to information technology. This relatively new term due to an increasing awareness that information security is simply one facet of a multitude of risks that are relevant to IT and the real world processes it...