Follows is a list of popular security blogs and websites for articles, etc.
If the future of IT is the cloud, then keeping up on the largest cloud provider and their moves in security is critical reading.
A bit niche, but privacy and security go hand-in-hand, and there is no better blogger on the Canadian privacy scene than David Fraser.
Cisco is still one of the biggest players world-wide, keeping up to date on their moves in the security market is de riguer.
An infrequent poster, this blog focuses on the area of cybercrime and punishment.
A longstanding publication that covers a wide range of security topics.
Hacking tools, news and cybersecurity. Good for the red team to keep up on, or the blue team to see some of the tools used by the other side.
Home to Mikko Hypponen, one of the few ‘cyber celebrities’ in our industry.
FireEye, home of Mandiant, published the famous APT1 report that changed attribution in the industry forever. They continue to publish great work and articles.
They’ve got all your data, so we better hope they know a thing or three about security. Turns out they do.
Honestly not sure exactly who these people are, but they publish good content.
If you read nothing else, read Krebs. The guy taught himself Russian so he could infiltrate the carder gangs, has been SWATed by hackers upset with his exposés and generally is the best read you can
A webcomic about security and technology. It’s no xkcd but it’s more consistently on-topic.
Sophos’ security news blog.
Exploit/patch focused security blog.
Threat research from Unit 42, place they host the Cyber Security Canon (recommended books to read).
Vulnerabilities, security updates and more from the industry leader in security education.
Bruce Schneier links to his writings, high profile security topics, and squid.
Richard Bejtlich blog’s on security, military history and more.
Like it says on the tin.
A list of good security podcasts for your drive, commute, walk, hike, gym workout.
A podcast all about the world of Security, Privacy, Compliance, and Regulatory issues that arise in today's workplace.
More signal, less noise — they distill the day’s critical cyber security news into a concise daily briefing and podcast.
Looking at breaches from the perspective of the defender - lessons learned and what to do in your organization.
Dedicated to helping develop security awareness.
Want to disappear. This podcast claims to teach you techniques to become completely invisible online. OpSec to 11.
Always on the shortlist of security professional’s favourites, a weekly interview series.
Johannes Ullrich covers the day’s security news in a blitz-like 6-8 minutes every single weekday. The guy is a machine.
The Security Ledger is an independent security news website and podcast that explores the intersection of cyber security with business, commerce, politics and everyday life.
Steve Gibson and Leo Laporte dive into security topics of the day in deep, detailed conversations. A very nice combination of clear explanations without talking down to the audience.
For security professionals, by security professionals. Starring Paul Asadoorian and crew.
A weekly podcast that brings you timely stories, news and tips for living more secure and private in a connected world.
My old friends Graham Cluley and Carole Theriault have put together this award winning podcast.
Working on the soft and gooey part of your security stance. People.
Information security news and interviews, from a southern viewpoint.
This feed combines several podcasts covering a wide range of security topics.
Daniel Miesller curates security and technology news into a 5-20 minute podcast weekly. A particular fan of machine learning, he even tried getting a machine to read his podcast for him (unsuccessfully).
Books & Reports
Got some quiet time? Unwind with one of these fantastic security-related fiction and non-fiction works.
Verizon Business Services