Tag Archives: Information security sites

Best information security news and email feeds

Here are the information security news feeds/email subscriptions I subscribe to in order to stay current with the latest in information security news. Drop me a line if you have others that you follow that should be added to the list. I am including details about average number of posts per week when they are available because I know it is easy to get swamped in reading material and understanding frequency of publishing vs. value you get from it is important so you can efficiently use your time.

RSS subscriptions

  • SANS Newsbites – SANS is my go to resource for information security related news and training.
  • All of the US-CERT feeds – I view the US CERT organization as a leading authority along with SANS and subscribe to all of their feeds most of them average less than 1 per week which is manageable.
  • NIST.ORG – Network Information Security & Technology News organization is a leading authority on all things information security.
  • Help Net Security – Excellent source with concise articles detailing the latest in information security threats, tools, and news.
  • Krebs on Security – Nice in depth security investigations especially around the underground criminal market in information security assets.
  • Darkreading Weblog – Good source for staying on top of the latest security compromises and exploits. Averages 20 posts per week
  • Infoworld Security Blog – Covers a variety of diverse and useful information security topics. Averages 1 post per week
  • Experian Data Breach Blog – Provides info around data breaches and things you can do to help stay secure. Averages 1.2 posts per week
  • SearchSecurity: Threat Monitor – Good summary of current information security threats in the wild. Averages .2 posts per week
  • SearchSecurity: Security Wire Daily News – Feed for general information security information around a variety of topics. Averages 3.5 posts per week
  • Qualys Newsletter – Security feed put out by Vendor Qualys I use it to get a vendor’s take on vulnerabilities and vulnerability management best practices. Averages .7 posts per week
  • Eeye Security Blog – Eeye Digital Security’s blog for keeping track of their information security ideas and news. Averages 1.6 posts per week.
  • SC Magazine Cybercrime Corner – Another source for staying on top of cybercrime news. Averages 2 posts per week.

Email newsletters

  • SANS Security Awareness Newsletter – Nice monthly newsletter that can be used for internal information security awareness campaigns.
  • SANS @RISK Newsletter – Weekly newsletter that summarizes the top 3-8 vulnerabilities that currently matter most and how to mitigate the risk from them.
  • Security Focus Mailing lists – I subscribe to a few of the many different mailing lists they offer including Web Application Security and Penetration Testing. I used to subscribe to the popular BUGTRAQ but opted out due to the volume.
  • Slashdot newsletter – Useful cutting edge information security stuff here but I get the summary newsletter because the general RSS feed is very busy and difficult to stay on top of.
  • Microsoft Monthly Newsletter – Nice email newsletter for those of you using and trying to secure Microsoft products
  • Apple security mailing list – For you Apple fans to keep on top of security issues (yes security things happen on Apple devices too, and expect it to expand in the future)