Ongoing Development - blogs, podcasts, reading

Ongoing Development - blogs, podcasts, reading


Follows is a list of popular security blogs and websites for articles, etc.

AWS Security Blog

If the future of IT is the cloud, then keeping up on the largest cloud provider and their moves in security is critical reading.

Canadian Privacy Law Blog

A bit niche, but privacy and security go hand-in-hand, and there is no better blogger on the Canadian privacy scene than David Fraser.

Cisco Security Blog

Cisco is still one of the biggest players world-wide, keeping up to date on their moves in the security market is de riguer.

Cybercrime and doing time

An infrequent poster, this blog focuses on the area of cybercrime and punishment.

Dark Reading

A longstanding publication that covers a wide range of security topics.


Hacking tools, news and cybersecurity. Good for the red team to keep up on, or the blue team to see some of the tools used by the other side.

F-Secure’s Anti-Virus Blog

Home to Mikko Hypponen, one of the few ‘cyber celebrities’ in our industry.

FireEye Threat Research Blog

FireEye, home of Mandiant, published the famous APT1 report that changed attribution in the industry forever. They continue to publish great work and articles.

Google Security Blog

They’ve got all your data, so we better hope they know a thing or three about security. Turns out they do.

Help-Net Security Blog

Honestly not sure exactly who these people are, but they publish good content.

Krebs on Security

If you read nothing else, read Krebs. The guy taught himself Russian so he could infiltrate the carder gangs, has been SWATed by hackers upset with his exposés and generally is the best read you can

Little Bobby

A webcomic about security and technology. It’s no xkcd but it’s more consistently on-topic.

Naked Security

Sophos’ security news blog.

Packet Storm

Exploit/patch focused security blog.

Palo Alto Networks Blog

Threat research from Unit 42, place they host the Cyber Security Canon (recommended books to read).

SANS Internet Storm Centre

Vulnerabilities, security updates and more from the industry leader in security education.

Schneier on Security

Bruce Schneier links to his writings, high profile security topics, and squid.


Richard Bejtlich blog’s on security, military history and more.

RSA Security Blogs

Like it says on the tin.


A list of good security podcasts for your drive, commute, walk, hike, gym workout.

Brakeing Down Security

A podcast all about the world of Security, Privacy, Compliance, and Regulatory issues that arise in today's workplace. 

The CyberWire

More signal, less noise — they distill the day’s critical cyber security news into a concise daily briefing and podcast.

Defensive Security Podcast

Looking at breaches from the perspective of the defender - lessons learned and what to do in your organization.


Dedicated to helping develop security awareness.


Want to disappear. This podcast claims to teach you techniques to become completely invisible online. OpSec to 11.

Always on the shortlist of security professional’s favourites, a weekly interview series.

SANS Internet Storm Centre Daily

Johannes Ullrich covers the day’s security news in a blitz-like 6-8 minutes every single weekday. The guy is a machine.

The Security Ledger

The Security Ledger is an independent security news website and podcast that explores the intersection of cyber security with business, commerce, politics and everyday life.

Security Now

Steve Gibson and Leo Laporte dive into security topics of the day in deep, detailed conversations. A very nice combination of clear explanations without talking down to the audience.

Security Weekly

For security professionals, by security professionals. Starring Paul Asadoorian and crew.

Shared Security Podcast

A weekly podcast that brings you timely stories, news and tips for living more secure and private in a connected world. 

Smashing Security Podcast

My old friends Graham Cluley and Carole Theriault have put together this award winning podcast.

Social Engineer Podcast

Working on the soft and gooey part of your security stance. People.

The Southern Fried Chicken Podcast

Information security news and interviews, from a southern viewpoint.

Paul’s Security Weekly

This feed combines several podcasts covering a wide range of security topics.

Unsupervised Learning

Daniel Miesller curates security and technology news into a 5-20 minute podcast weekly. A particular fan of machine learning, he even tried getting a machine to read his podcast for him (unsuccessfully).