GIAC Research Papers
Explore GIAC research papers authored by certified professionals, covering real-world cybersecurity topics including cloud security, incident response, digital forensics, and AI.
2026 SANS SOC Survey Insights: A Decade of Evolution in Cyber Defense
Research PaperSecurity AwarenessSANS 2026 SOC Survey findings that dive into: where SOCs are investing, where they are struggling, and where the gap between high-performing teams and everyone else is widening.
- 15 Jun 2026
- Christopher Crowley
From Alert to Evidence: Evaluating AI Agents for Cyber Forensic Triage
Research PaperArtificial IntelligenceCyber defense teams are beginning to experiment with large language models in security operations, but their usefulness in digital forensics and incident triage is still uncertain.
- 11 Jun 2026
- Connor Blackard
Securing the Sun: Impact-Effective Cybersecurity Controls for Solar SCADA
Research PaperIndustrial Control Systems SecurityBased on research conducted with a custom-built lab emulating a utility-grade solar SCADA network, this paper details the greatest impact on a solar site, in the form of physical consequences to power generation capabilities.
- 11 Jun 2026
- Wesley D. Barrier
Know Your Blind Spots: Better Visibility Through EDR Policy Hardening
Research PaperDigital Forensics and Incident ResponseEndpoint Detection and Response (EDR) tools identify, detect, and respond to anomalous behavior.
- 9 Jun 2026
- Joshuah Williams
Risk-Adaptive Data Loss Prevention: Behavioral Intelligence with DLP
Research PaperCyber DefenseRisk-Adaptive Data Loss Prevention: Behavioral Intelligence with DLP
- 4 Jun 2026
- Matt Bromiley
2026 SANS Cyber Threat Intelligence (CTI) Survey Insights
Research PaperCyber DefenseEvery year, the SANS CTI Survey gets sharper. This year, it takes a step the field has needed for a while. For the first time, the 2026 survey includes a dedicated module for security executives, capturing responses from 67 CISOs and CSOs.
- 15 May 2026
- Rebekah Brown, Andreas Sfakianakis
Leveraging Large Language Models for Cross-Vendor Firewall Configuration Migration: A Comparative Case Study of Claude and ChatGPT
Research PaperArtificial IntelligenceThis paper investigates how two current-generation large language models (LLMs) perform on a single, representative firewall migration task.
- 12 May 2026
- Omar Zaman
AI-Human Collaboration in Modern SOCs
Research PaperArtificial IntelligenceEnterprises face upwards of 3,000 security alerts daily, and according to the SANS 2025 SOC Survey, two-thirds of security operations center (SOC) teams cannot keep pace.
- 17 Mar 2026
- Mathias Fuchs
2026 Cybersecurity Workforce Research Report by SANS | GIAC
Research PaperCybersecurity LeadershipThe cybersecurity workforce is at a turning point. AI is transforming how work gets done, regulators are redefining ‘qualified,’ and organizations are recognizing that the right skills, not headcount, are what drive success. As AI reshapes the cyber workforce, this report helps leaders make informed decisions and shows practitioners where skills and careers are heading.
- 11 Mar 2026
- SANS Institute, GIAC Certifications
Eliminate Endpoint Blind Spots: Real-Time Security and Governance with Autonomous AI
Research PaperCybersecurity InsightsTanium’s Autonomous Endpoint Management (AEM) offers a new path forward. AEM combines real-time visibility with artificial intelligence and automation, allowing organizations to safely manage their enterprise at scale while remaining continuously updated through live data.
- 25 Nov 2025
- Jonathan Risto
Enhancing Security Operations with Google Threat Intelligence
Research PaperOffensive OperationsThis product review examines how Google Threat Intelligence's extensive data sources, real-time insights, and investigative capabilities can elevate SecOps workflows and strengthen an organization’s defensive posture.
- 24 Nov 2025
- Dave Shackleford
Autonomous Endpoint Management: Next-Gen Endpoint Visibility Fueling SecOps and IT Ops with AI
Research PaperCloud SecurityThis First Look outlines how Tanium’s single-agent architecture and AI-powered capabilities empower teams to operate from a shared source of truth, reduce operational overhead, and achieve measurable ROI.
- 10 Nov 2025
- Matt Bromiley