Resiliency and Business Continuity in the Cloud Era
Outages happen—even in the cloud. In this white paper, Dave Shackleford unpacks today’s evolving cloud threat landscape and walks you through how to design a modern, resilient business continuity and disaster recovery (BC/DR) plan that holds strong in the face of unexpected interruptions.
sans-White-Paper-Broadcom (PDF, 1.83MB)
21 May 2025Related Content
Cloud Security Groundhog Day: Avoiding Recurring Mistakes in a Dynamic Landscape
Research PaperDownload the SANS ebook and learn how to strengthen your cloud and AI security strategies.
- 16 Oct 2025
- Dr. Anton Chuvakin, Dr. Paul Vixie, Frank Kim, Simon Vernon, Brandon Evans, Dave Shackleford, Wesley Kuzma
ZTA Unpacked: The Critical Technical Components of Zero Trust Architecture
Research PaperThis paper demystifies the technical foundation of Zero Trust Architecture (ZTA) and outlines the key technologies that drive modern, mature implementations.
- 15 Aug 2025
- Greg Scheidel
SANS 2025 Security Awareness Report
Research PaperNow in its 10th year, the SANS Security Awareness Report remains the definitive, practitioner-built resource for understanding and managing the human side of cybersecurity.
- 12 Aug 2025
- Lance Spitzner
Navigating the Challenges of Securing Hybrid Environments
Research PaperThis paper explores ways to bring clarity and control back to your hybrid security strategy—with practical guidance on Zero Trust, unified monitoring, and the evolving role of AI in modern defense.
- 24 Jul 2025
- Matt Bromiley
Securing Azure with PIM: A Just-in-Time Access Study
Research PaperThis study assesses Azure Privileged Identity Management (PIM) and its Just-in-Time access model within a controlled Azure environment, simulating enterprise scenarios across Azure Subscription Roles.
- 11 Jul 2025
Be a DLP Hero: How to Quickly Deliver Value from Your DLP Program and Set It Up for Future Success
Research PaperDownload this paper and learn how to launch or strengthen your data loss prevention (DLP) program.
- 3 Jun 2025
- Kevin Garvey
SANS 2025 CTI Survey Webcast & Forum: Navigating Uncertainty in Today’s Threat Landscape
Research PaperThis paper explores results from the SANS 2025 CTI Survey, with insights into how cybersecurity...
- 20 May 2025
- Rebekah Brown, Andreas Sfakianakis
Collaborative Mobile App Security Development and Analysis
Research PaperIn this tactical, insight-rich review, Jeroen Beckers shares how to overcome mobile app security challenges and modernize your testing with Corellium’s virtual device platform—built for real-world conditions and faster results.
- 19 May 2025
- Jeroen Beckers
Out-of-Band Defense: Securing VPNs from Password-Spray Attacks with Cloud Automation
Research PaperThis research examines an out-of-band solution to detect and block password-spray attacks on Remote Access VPN services, addressing vulnerabilities like Cisco’s CVE-2024-20481 amid rising threats post-COVID-19.
- 12 May 2025
- SANS Institute
A Pebble In the Ocean: Maximizing Log Fidelity In Container Environments
Research PaperLog fidelity is crucial for Incident Response Teams to investigate and contain cyber incidents but can be difficult to optimize in containerized environments.
- 17 Apr 2025
Securing the Future with Microsoft Defender for Cloud: Best Practices and Insights
Research PaperIn this paper, you’ll learn how to enhance your cloud security posture through actionable insights and use cases involving Microsoft Defender for Cloud.
- 26 Mar 2025
- Dave Shackleford
ARMO’s Behavioral Cloud Application Detection and Response (CADR) Platform
Research PaperThis paper explores how ARMO Platform is attempting to solve the challenge with the industry’s first behavioral cloud application detection and response (CADR) product.
- 18 Mar 2025
- Moses Frost
ASPM: Understanding the New Application Security Landscape
Research PaperMalicious actors continue to prey on the challenges of rapid software development cycles and cloud computing adoption. This paper examines where an application security posture management (ASPM) solution comes in.
- 18 Mar 2025
- Chris Edmundson, SANS Institute
2025 ICS/OT Cybersecurity Budget: Spending Trends, Challenges, and the Future
Research PaperThis white paper explores the findings of the 2025 SANS Survey on ICS/OT Security Budgets.
- 3 Mar 2025
- Dean Parsons
Empowering Responders with Automated Investigation
Research PaperThis white paper investigates how Binalyze’s AIR platform reduces the overhead of forensic investigations by automating the process of collecting artifacts, triaging the data, and identifying next steps.
- 18 Feb 2025
- Megan Roddie-Fonseca
The Flavor of Clouds: Are Some Cloud Platforms More Attractive to Attackers?
Research PaperSignificant financial loss and sensitive data exposure continue to be a significant risk for entities that host systems in the cloud.
- 17 Feb 2025
Google SecOps: The SIEM’s Third Act
Research PaperDiscover how SecOps is ushering in the "SIEM's Third Act" by addressing the limitations of traditional SIEMs and empowering security teams with cutting-edge tools for threat-informed defense.
- 21 Jan 2025
- Mark Orlando
Unveiling the Dependency on Network Telemetry: Optimizing Lateral Movement Detection
Research PaperThis study investigates the dependency on network and endpoint telemetry for identifying lateral movement attacks, focusing on the Remote Services technique from MITRE ATT&CK.
- 17 Jan 2025
Detecting Azure Hybrid Machine Attack Paths with Graph Theory
Research PaperThis research extends the data collected by the security tool BloodHound to uncover hidden connections between on-premises devices and their cloud identities within an Azure environment.
- 7 Jan 2025
Beyond Detection: Using Real Phishing Data to Gauge Security Training Program Success
Research PaperThis paper defines one method of network security monitoring in an organization to find these existing indicators.
- 7 Jan 2025