All Things Security

Our take on the daily happenings in the world of Application Security

Top 20 Security Blogs

Posted by Niru Raghavan in ALL THINGS SECURITY, February 28, 2012 | Comments (13)  

Veracode’s nomination for “Best Corporate Security Blog” at the 2012 Social Security Bloggers Awards got the Veracode Marketing team thinking about the other great information security blogs we follow. The Marketing team thought it would be fun to compile a list of what we think are the best 20 information security blogs.

We used a very scientific process to compile this list. Inputs included – quality of blog content (from both a technical and an entertainment standpoint), level of authority of contributors, frequency of updates, overall appearance and our own subjectivity :)

All the team members weighed in, and after some serious debating , we settled on the following list (in no particular order).

Fortinet Security Blog
Naked Security Blog
Cognitive Dissidents Blog with Joshua Corman
The New School of Information Security Blog
Dark Reading Blog
Securosis Blog
Krebs on Security with Brian Krebs
Thought Crime Blog with Moxie Marlinspike
Schneier on Security with Bruce Schneier
Root Labs RDIST with Nate Lawson
Threatpost Blog
Zero Day Blog with Ryan Naraine and Dancho Danchev
Rational Survivability Blog with Christofer Hoff
Securelist Blog
TaoSecurity with Richard Bejtlich
F-Secure News from the Lab Blog
Andrew Hay Blog
Uncommon Sense Security Blog with Jack Daniel
Network Security Blog with Martin McKeay
SANS AppSec Blog with Frank Kim

Additionally, I would like to give a nod to the folks at the Security Bistro Blog. Their blog is too young for this list (having just launched in January 2012) but is off to an excellent start, featuring good commentary from a mix of reputable authors.

So there you have it. As usual I encourage people to weigh in on our picks and offer suggestions of their own.

Written by:

13 Comments »

Thanks! Picked up a few new feeds for my reader subscriptions.

Comment by Blake — February 28, 2012 @ 2:18 pm

Nice list!
you can also find more blogs in http://www.hackplayers.com/2010/04/100-it-security-blogs-in-english.html#more, although we’ve to update our compilation…

Comment by hackplayers — February 28, 2012 @ 6:25 pm

There is also “Hagai Bar-El on Security” at http://www.hbarel.com/blog. Not too frequent posts, but usually sensible analysis and no time-wasters.

Comment by Jeff K. — March 9, 2012 @ 4:47 pm

ZDnets’ Zero Day blog is pretty much an essential element in any penetration testers RSS feed. Some other nice ones in that list such as the ‘Uncommon Sense Security Blog’ I’ll be keeping an eye on too!

Comment by Mike K — September 21, 2012 @ 10:08 am

For my Google Reader I use: CSO, NetworkWorld, Slashdot, SANS ISC

Comment by Anthony G — November 4, 2012 @ 8:17 pm

Add to that list http://underurhat.com

Comment by wufoo — December 3, 2012 @ 6:21 pm

Another blog where we aim to provide relevant security content The State of Security http://www.tripwire.com/blog

Comment by Cindy — December 12, 2012 @ 2:31 pm

Another good information security blog is Security Spotlight. http://www.jurinnov.com/security-spotlight

Comment by Roger Blair — December 17, 2012 @ 8:50 am

Why is there no clear distinction between “security” and “IT & web/cyber security” when searching for security issues and subjects on the web? If you try use the web to do some research, gather important info & references or want to read up on the subject, they always appear together! In my mind this is so wrong! “IT and cyber security” form only a part of the entire security field. I strongly feel there should be a clear separation between the two (each security sector should be in its own category under the security umbrella) to allow speedier and more accurate searches. The two appearing in unison is irritating and a waste of time. I get the impression that IT and cyber security suddenly are more important than the whole security field itself and are thus getting too much exposure.

Comment by wolf — February 20, 2013 @ 8:23 am

One of my personal favorites has been the blog over at Solera Networks. You can go there directly at soleranetworks.com/blogs/

Comment by Robert Zannet — February 21, 2013 @ 5:35 pm

Another good one in german: http://www.kuketz-security.de

Comment by Marlin Ralfen — March 6, 2013 @ 9:22 am

My fault: http://www.kuketz-blog.de

Comment by Marlin Ralfen — March 6, 2013 @ 9:23 am

Have you looked at http://www.cert.org/blogs/certcc/ ?

Comment by jspring — May 10, 2013 @ 10:40 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment


Schedule Demo Veracode Trial
Mobile Security

Sql Injection

cyber security

Categories

Archive

Powered by WordPress