Browse Definitions :
Definition

SANS Institute

The SANS Institute is a private, for-profit organization that offers information security and cybersecurity training and certification in 90 cities around the world.

The Institute was founded in 1989 as a cooperative dedicated to IT security research and education. SANS maintains the largest repository of security information in the world and is also the largest certification body. The organization makes a large collection of security research documents freely available and operates an Internet warning system: The Internet Storm Center.

Resources offered by SANS:

  • SANS Information Security Reading Room offers over 2520 research papers in 96 categories.
  • SANS Weekly Bulletins and Alerts provides security news and vulnerability alerts.
  • SANS Security Policy Project offers security policy templates.
  • Vendor-Related Resources
  • Information Security Glossary includes brief definitions of security terms and acronyms.
  • Internet Storm Center
  • S.C.O.R.E. - A mechanism designed to help industry members agree on tools to secure common software and systems.
  • CIS Critical Security Controls provides a consensus-based ranking of the most effective security controls.
  • Intrusion Detection FAQ (frequently-asked questions).
  • SANS Press Room - Resources to help media cover the industry.

The SANS Institute’s GIAC (Global Information Assurance Certification) program provides a standards-based means to ensure the knowledge and abilities of a security professional. The program encourages continuous learning through its work-study program which provides teaching credits that can be redeemed for a reduced rate on classes.

This was last updated in May 2016

Continue Reading About SANS Institute

SearchCompliance

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

  • enterprise document management (EDM)

    Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

SearchSecurity

  • information security (infosec)

    Information security, often shortened to infosec, is the practice, policies and principles to protect data and other kinds of ...

  • denial-of-service attack

    A denial-of-service (DoS) attack is a security event that occurs when an attacker makes it impossible for legitimate users to ...

  • user authentication

    User authentication verifies the identity of a user attempting to gain access to a network or computing resource by authorizing a...

SearchHealthIT

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

  • cloud testing

    Cloud testing is the process of using the cloud computing resources of a third-party service provider to test software ...

  • storage virtualization

    Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...

Close