GIAC Research Papers
Explore GIAC research papers authored by certified professionals, covering real-world cybersecurity topics including cloud security, incident response, digital forensics, and AI.
The Strategic Case for Web Traffic Inspection Beyond the Endpoint
Research PaperCloud SecurityThis paper explores a practical, phased approach to adopting Secure Web Gateway (SWG) capabilities—from basic URL filtering to TLS inspection, inline DLP, and broader Security Service Edge (SSE) integration.
- 25 Jun 2026
- Aaron Cure
USB: Universal Security Breach or Uniquely Secured Bus? Assessing the Effectiveness of Windows 11 Group Policy at Controlling USB Device Installation for Budget-Constrained Security Teams
Research PaperCyber DefenseThis study evaluates three progressively granular Windows 11 Group Policy (GPO) configurations—class-based blocking, VID/PID allowlisting, and Device Instance ID allowlisting—against legitimate business peripherals and a Hak5 USB Rubber Ducky configured as a composite BadUSB device, using the Windows 11 v25H2 Security Baseline as the unmodified reference state.
- 22 Jun 2026
- Kire Jacobson
Investigating Operating System Variations in IPv6 Implementations
Research PaperCyber DefenseThis research tested the four most common operating system families, Windows, Linux, macOS, and BSD, for RFC compliance and behavioral differences across a controlled set of IPv6 test cases. Because RFC specifications leave many implementation details to the developer, behavior was expected to diverge, and the testing confirmed that it did.
- 22 Jun 2026
- Donovan Rodriguez
Cloud Ace Journeys: The Analyst Flight Plan
Research PaperCloud SecurityCloud security analysts are responsible for securing environments, detecting threats, locking down identity, and responding to breach.
- 18 Jun 2026
- SANS Institute
2026 SANS SOC Survey Insights: A Decade of Evolution in Cyber Defense
Research PaperSecurity AwarenessSANS 2026 SOC Survey findings that dive into: where SOCs are investing, where they are struggling, and where the gap between high-performing teams and everyone else is widening.
- 15 Jun 2026
- Christopher Crowley
From Alert to Evidence: Evaluating AI Agents for Cyber Forensic Triage
Research PaperArtificial IntelligenceCyber defense teams are beginning to experiment with large language models in security operations, but their usefulness in digital forensics and incident triage is still uncertain.
- 11 Jun 2026
- Connor Blackard
Securing the Sun: Impact-Effective Cybersecurity Controls for Solar SCADA
Research PaperIndustrial Control Systems SecurityBased on research conducted with a custom-built lab emulating a utility-grade solar SCADA network, this paper details the greatest impact on a solar site, in the form of physical consequences to power generation capabilities.
- 11 Jun 2026
- Wesley D. Barrier
Know Your Blind Spots: Better Visibility Through EDR Policy Hardening
Research PaperDigital Forensics and Incident ResponseEndpoint Detection and Response (EDR) tools identify, detect, and respond to anomalous behavior.
- 9 Jun 2026
- Joshuah Williams
Risk-Adaptive Data Loss Prevention: Behavioral Intelligence with DLP
Research PaperCyber DefenseRisk-Adaptive Data Loss Prevention: Behavioral Intelligence with DLP
- 4 Jun 2026
- Matt Bromiley
2026 SANS Cyber Threat Intelligence (CTI) Survey Insights
Research PaperCyber DefenseEvery year, the SANS CTI Survey gets sharper. This year, it takes a step the field has needed for a while. For the first time, the 2026 survey includes a dedicated module for security executives, capturing responses from 67 CISOs and CSOs.
- 15 May 2026
- Rebekah Brown, Andreas Sfakianakis
Leveraging Large Language Models for Cross-Vendor Firewall Configuration Migration: A Comparative Case Study of Claude and ChatGPT
Research PaperArtificial IntelligenceThis paper investigates how two current-generation large language models (LLMs) perform on a single, representative firewall migration task.
- 12 May 2026
- Omar Zaman
AI-Human Collaboration in Modern SOCs
Research PaperArtificial IntelligenceEnterprises face upwards of 3,000 security alerts daily, and according to the SANS 2025 SOC Survey, two-thirds of security operations center (SOC) teams cannot keep pace.
- 17 Mar 2026
- Mathias Fuchs