There are hundreds of InfoSec blogs in the webosphere. Some are clear leaders in the industry, widely regarded as thought leaders and earning recognition from just about everyone in the security field as being among the best of the best. Some started out strong but fizzled out after a few short months, while others have compiled hundreds – thousands, even – of in-depth perspectives on a variety of security topics (from general cyber security to specific topics like data loss prevention (DLP) over the course of nearly a decade.

We scoured the far corners of the web to dig up some of the best, most insightful and informative InfoSec blogs in existence for our newly-updated list for 2019. Not only the blogs you've seen named time and time again in best-InfoSec-blogger lists, but also some hidden gems you may not have known existed but will be glad you've finally discovered. These blogs provide deep insights from some of the leading information security professionals; in-the-trenches viewpoints from security experts who have spent decades working in the field and consulting with the world's largest enterprises, universities, the U.S. Government, startups, and other entities.

These bloggers tackle major security news, InfoSec hacks, tricks, and discoveries, offer tutorials and solutions for problems they've encountered in their day-to-day work, and sometimes bring a little humor to the fascinatingly complex world of information security. Note: These blogs are categorized, and listed alphabetically within each category - they aren't ranked or rated in any other way.

Categories:

• Security Researcher Blogs
• Vendor Blogs
• Security News Blogs

Security Researcher Blogs

Adam Shostack and Friends

@adamshostack

Formerly Emergent Chaos, Adam Shostack and Friends is a blog that's been covering security, privacy, and economics (among other unrelated topics) since 2005. Shostack is also the author of author of Threat Modeling: Designing for Security and co-author of The New School of Information Security.

Three posts we like from Adam Shostack and Friends:

• Jonathan Marcil’s Threat Modeling Toolkit talk
• Doing Science With Near Misses
• The Security Principles of Saltzer and Schroeder

Andrew Hay

@andrewsmhay

Andrew Hay is the Co-Founder & Chief Technology Officer (CTO) for LEO Cyber Security, where he's responsible for driving of the strategic vision for the company, as well as the development and delivery of the company's cyber security, digital forensics, incident response, cloud architecture, and advanced research centers of excellence. Hay has held roles for companies such as 451 Research, DataGravity, and Open DNS, where he served as Senior Security Research Lead & Evangelist. He’s often approached to provide expert commentary on security-industry events in the media, including both mainstream publications such as USA Today and niche publications such as TechTarget and Network World. We also have a podcast episode with Hay discussing the rise of the virtual CISO. You can access Hay’s insights directly at his personal blog, where he covers topics he hand-picks based on personal interest and importance to the field.

Three posts we like from Andrew Hay:

• Security Beyond The Perimeter
• Petya Ransomware: What You Need to Know and Do
• Diving into the Issues: Observations from SOURCE and AtlSecCon

Byron Acohido’s Last Watchdog on Privacy & Security

@byronacohido

A Pulitzer prize-winning journalist, Byron Acohido is the founder and executive editor of The Last Watchdog on Privacy & Security. Cybersecurity first gained Acohido's attention in 2000 when he joined the Money section of USA TODAY to cover Microsoft. Since that time, Acohido has authored several books and covered the cybersecurity space through articles, podcasts, and videos, all of which you can access at The Last Watchdog.

Three posts we like from The Last Watchdog:

• MY TAKE: Turning a blind eye: 73% of companies are ill-prepared to defend cyber attacks
• MY TAKE: Here’s how the U.S. economy would lose $15 billion from a 3-day cloud outage
• NEWS WRAP-UP: Meltdown, Spectre discovered in the wild – live hardware attacks one step closer

Dan Kaminsky’s Blog

@dakami

Dan Kaminsky has advised Fortune 500 companies like Cisco, Avaya, and Microsoft, and he’s been a well-known security researcher for more than a decade. His blog, formerly known as DoxPara Research, features in-depth posts with insights on the most pressing security issues facing the industry, such as Heartbleed. It’s kind of like picking Kaminsky’s brain from the comfort of your desk.

Three posts we like from Dan Kaminsky’s Blog:

• Hacking the Universe with Quantum Encraption
• The Cryptographically Provable Con Man
• Read My Lips: Let’s Kill 0Day

Elie Bursztein

@elie

Elie Bursztein leads Google’s anti-abuse research efforts, sharing his insights on topics relevant to the world of InfoSec on his personal blog. Bursztein has some impressive achievements under his belt, such as the re-design of Google’s CAPTCHA to make it easier (an effort much-appreciated by Internet users everywhere), implementing faster cryptography to make Chrome safer, and identifying and reporting more than 100 security vulnerabilities to companies like Apple, Microsoft, Twitter, and Facebook.

Three posts we like from Elie Bursztein:

• Inside Mirai the infamous IoT Botnet: A Retrospective Analysis
• Unmasking the ransomware kingpins
• Exposing the inner-workings of the ransomware economy

Graham Cluley

@gcluley

Graham Cluley has more than 70,000 followers on Twitter alone, and it’s no surprise given his impressive coverage of InfoSec news and developments. He’s an independent computer security analyst who’s been working in the field since the 1990's, giving him plenty of background and expertise to offer expert commentary on the latest happenings in information security and related topics. In addition to Cluley’s expertise, you can gain insights from a panel of regular contributors featuring several highly-regarded experts in the field. You’ll find plenty of tips for everyday users, along with deep insights into critical security developments.

Three posts we like from Graham Cluley:

• “Killer text bomb” crashed iPhones, iPads, Macs, and Apple Watches
• 12 Common Threat Intelligence Use Cases
• Government websites hijacked by cryptomining plugin

Hacking Articles

@rajchandel

Founded and authored by Raj Chandel, Hacking Articles is a comprehensive source of information on cyber security, ethical hacking, penetration testing, and other topics of interest to information security professionals. Chandel’s primary interests lie in system exploitation and vulnerability research, but you’ll find tools, resources, and tutorials on everything from social engineering to footprinting, Google hacking, and more.

Three posts we like from Hacking Articles:

• Hack the Game of Thrones VM (CTF Challenge)
• Bind Payload using SFX archive with Trojanizer
• Hack the Bsides London VM 2017(Boot2Root)

Holistic InfoSec

@holisticinfosec

Russ McRee has spoken at leading security conferences, such as Defcon, BlackHat, RSA, and others, and he leads the Blue Team for Microsoft's Windows and Devices Group (WDG). He also writes toolsmith, a monthly column in ISSA Journal, but shares many of his views and perspectives on his belief in a holistic approach to information security at Holistic InfoSec.

Three posts from Holistic InfoSec:

• toolsmith #131 - The HELK vs APTSimulator - Part 1
• toolsmith #128 - DFIR Redefined: Deeper Functionality for Investigators with R - Part 1
• Toolsmith Tidbit: Windows Auditing with WINspect

Jeff Soh on NetSec

@JeffSoh

Jeff Soh began blogging in 2007, and continues to share suggestions for intrusion analysts and other miscellaneous news on information security. Soh also offers book recommendations, product recommendations, and useful tips for information security professionals and everyday users.

Three posts we like from JeffSoh on NetSec:

• Transitioning from Blue Team to Red Team
• Simple Username Harvesting (from SANS SEC542)
• PacketTotal

Krebs on Security

@briankrebs

Brian Krebs is a household name in information security, and his blog is among the most well known and respected in the space. An investigative reporter at heart, Krebs comes from a journalist background and has honed his self-taught expertise through over a decade of dedicated interest in security. He is credited with discovering the Target data breach a few years ago and being the first to report on the Stuxnet worm in 2010.

Three posts we like from Krebs on Security:

• IRS Scam Leverages Hacked Tax Preparers, Client Bank Accounts
• New EU Privacy Law May Weaken Security
• Domain Theft Strands Thousands of Web Sites

Liquidmatrix Security Digest

@liquidmatrix

Liquidmatrix is committed to providing long-form articles and in-depth coverage of information security news and information, rebelling against the trend towards superficial coverage without added value. The brainchild of Dave Lewis, a self-professed “jack of all trades and master of none” who holds a day job at Akamai and has been working in the InfoSec field for two decades, Liquidmatrix has been up and running since 1998, making it one of the oldest, established InfoSec blogs remaining current.

Marco Ramilli’s Blog

@Marco_Ramilli

A computer scientist researcher with an intensive hacking background, Marco Ramilli has been working with the U.S. Government and several leading universities on new security paradigms, penetration testing methodologies and electronic voting systems' security, and malware. His blog, which he started back in 2007, is a reflection of his many experiences in the security field. Ramilli, a TEDx speaker, CTO at Yoroi, and an expert in ethical hacking, advanced targeted attacks, and malware evasion, has earned multiple honors and awards for his work.

Two posts we like from Marco Ramilli’s Blog:

• Huge Botnet Attacking Italian Companies
• Advanced 'all in memory' CryptoWorm

Matt Flynn’s Information Security, Identity & Access Management Blog

@matthewflynn

Matt Flynn is an information security specialist and industry analyst. His personal blog, which reflects his own opinions, covers identity management and security, software, services, processes, and analyses. He’s been blogging since 2006 and has built an impressive collection of posts and perspectives over the years on topics impacting information security professionals.

Three posts we like from Matt Flynn’s Information Security, Identity & Access Management Blog:

• New World, New Rules: Securing the Future State
• Hyperbole in Breach Reporting
• Encryption would NOT have saved Equifax

NoticeBored

@NoticeBored

Gary Hinson is the blogger behind NoticeBored, where he covers information security topics that catch his eye. Hinson was born and studied in the U.K., and worked in London, Swindon, Bristol, and Brussels before moving to New Zealand in 2005. Hinson covers topics of interest to both consumers and security professionals, with a casual style that allows him to talk about complex security happenings in a language everyone can understand.

Three posts we like from NoticeBored:

• NBlog February 17 - The I part of CIA
• NBlog February 16 - innovative malawareness
• NBlog February 14 - IoT security & privacy standard

Observations on InfoSec

@DanielMiessler

Daniel Miessler is an information security professional, who uses his blog as a platform for collecting and organizing technical knowledge. With information and posts beginning as early as 1999, Daniel provides a robust site and blog for anyone interested in technology and information security.

Three posts we like from Observations on InfoSec:

• Information Security Professionals Cannot Be Luddites
• I Grow Tired of Technologists Who Don’t Understand the Internet of Things
• The Future of Attack and Defense is AI

Robert Penz Blog

@RobertPenz

The Robert Penz Blog covers information about Linux, open source, and IT security, including tips, tricks, and small scripts. Robert became interested in infosec as a student and wrote his masters' thesis on "Analysis and design of a SIM based authentication solution for WLAN”.

Three posts we like from Robert Penz Blog:

• A security minded guy forced to buy a Wifi enabled cleaning robot
• WannaCry happened and nobody called me during my vacation – I tell you why
• Mitigating application layer (HTTP(S)) DDOS attacks

Roger's Information Security Blog

@InfoSecTweet

Roger McClinton started his blog back in 2004, primarily as a means to collect the links and research he wanted to easily refer to later. But as time went on, he started adding commentary and to his surprise, his blog developed a substantial readership. After a brief hiatus in the second half of 2013, Roger is again offering news and commentary on all things InfoSec, musings about his current employment situation, and the occasional personal anecdote.

Three posts we like from Roger's Information Security Blog:

• Deploying a new security product
• SMBv1 isn’t safe
• Siri Lock Screen Bypass in news your non security friends read

Schneier on Security

@schneierblog

Bruce Schneier's blog is another one of those must-haves for a list like this. Schneier has been writing about security issues here since 2004, and in his popular monthly newsletter since 1998, focusing on topics like cryptography, privacy, and government. A renowned cryptography expert, Bruce is also a leading author and speaker in the space.

Three posts we like from Schneier on Security:

• Can Consumers' Online Data Be Protected?
• Internet Security Threats at the Olympics
• Signed Malware

Security Through Education

@humanhacker

A free learning resource from Social-Engineer, Inc., Security Through Education focuses on the blend of science, psychology and art that is social engineering – and how it’s used by penetration testers and security enthusiasts. It’s all brought to you by a team of leading professional social engineers, psychologists, researchers, scientists and security enthusiasts. In addition to the blog, you’ll find a newsletter, podcast, and much more to ensure that you’re always in the know, entertained, and never out of consumable security media.

Three posts we like from Security Through Education:

• Insider Threats – Recognize and Respond to the Risk Within
• Advances in Machine Learning
• Social Media – Don’t Get Burned By Overexposure

TaoSecurity

@taosecurity

TaoSecurity is FireEye Chief Security Strategist Richard Bejtlich's blog. For over a decade, TaoSecurity has been a source of expertise on cybersecurity, hacking, security strategy, threats, and more. Richard is a recognized security author and his blog contains a great amount of educational security resources.

Three posts we like from TaoSecurity:

• The Origin of Threat Hunting
• Spectre and Meltdown from a CNO Perspective
• On "Advanced" Network Security Monitoring

Tech Wreck InfoSec Blog

The Tech Wreck InfoSec Blog is run by an Information Assurance Engineer, covering a variety of topics pertaining to information security and related news. The blog provides articles of use to both consumers and security professionals.

Three posts we like from Tech Wreck InfoSec Blog:

• The complete list of Infosec related cheat sheets
• How To Build And Run A SOC for Incident Response - A Collection Of Resources
• Network security & sysadmin wiki - how to get the daily tasks done right

Tony on Security

@perezbox

Tony Perez has spent the better part of the past 15 years working in a variety of tech industries, but today he focuses primarily on website security and business. He's the co-founder of Sucuri Security and also leads the GoDaddy SBU. Tony is' a prolific speaker on security-related topics. His blog is a chronicle of his thoughts and experiences as he strives to create "a new security standard for your online presence."

Three posts we like from Tony on Security:

• Google Begins Campaign Warning Forms Not Using HTTPS Protocol
• Phishing and Ransomware Leads to Security Concerns for Organizations
• Password Management

Troy Hunt

@troyhunt

Troy Hunt is a Microsoft Regional Director and MVP who creates Pluralsight courses and travels the world to train technology professionals and speak at technology and security events. He's a sought-after speaker and thought leader, making Hunt's blog a particularly worthy read for any infosec pro. Troy is also the creator of Have I Been Pwned, a free online resource to check if you've been compromised in a breach. Troy was also featured in one of our podcasts, Episode 15: Talking Data Breaches and Getting Pwned.

Three posts we like from Troy Hunt:

• Making Light of the "Dark Web" (and Debunking the FUD)
• Data breach disclosure 101: How to succeed after you've failed
• How Long is Long Enough? Minimum Password Lengths by the World's Top Sites

Uncommon Sense Security

@jack_daniel

Uncommon Sense Security is the blog of Tenable Network Security Strategist and Security BSides co-founder Jack Daniel. While Jack's updates are not as frequent as they once were, his blog still serves as a trove of infosec knowledge on topics such as vulnerabilities, small business infosec, data breaches, the infosec community, and more. A self-described "infosec curmudgeon," Jack's insights, opinions, and humorous writing style are always worth a read.

Three posts we like from Uncommon Sense Security:

• Blog-ified Tweetstorm
• Doing it wrong, or “us and them”
• I thought everyone knew this by now

Vendor Blogs

AlienVault Blog

@alienvault

A leading provider of unified security management and community-powered threat intelligence solutions, AlienVault maintains an informative blog covering topics of interest to the infosec community, including news, emerging threats, tips and tricks, and more.

Three posts we like from AlienVault Blog:

• Mitigating Blockchain Analysis: Mixing Cryptocurrency
• How Dangerous are Impersonation Attacks?
• How to Handle Meltdown and Spectre: Patch, But Don’t Rush It

...And You Will Know Us by the Trail of Bits

@trailofbits

...And You Will Know Us by the Trail of Bits is the official blog of Trail of Bits, an enterprise infosec consulting firm founded by Dan Guido and Alexander Sotirov. The blog offers expert infosec advice based on consulting experience at some of the world's most advanced security programs. The blog provides excellent educational content focused on vulnerabilities, exploits, malware, and more.

Three posts we like from ...And You Will Know us by the Trail of Bits:

• An accessible overview of Meltdown and Spectre, Part 1
• Videos from Ethereum-focused Empire Hacking
• How are teams currently using osquery?

BH Consulting IT Security Watch

@bhconsulting

BH Consulting IT Security Watch covers security news and major data breach news that impacts both consumers and enterprises, featuring insights from Brian Honan, Lee Munson, Gordon Smith, and other thought leaders and contributors. The blog is a monthly digital publication highlighting the most interesting news and articles related to the security field. Much of the coverage is relevant worldwide, though some are specific to BH Consulting news and Ireland.

Three posts we like from BH Consulting IT Security Watch:

• Prepare for breach: 10 steps to better incident response planning
• ISP’s Wi-Fi weakness highlights privacy and security shortfalls as GDPR approaches
• Reporting for duty: how sharing information helps to tackle cybercrime

Cisco Talos

@TalosSecurity

Cisco's industry-leading threat intelligence team aims to protect organizations' people, data, and infrastructure from active adversaries. The Talos blog was launched in 2008 and has become a comprehensive resource on the latest security approaches, emerging threats, and sound advice for protecting your organization from the evolving threat landscape.

Three posts we like from Cisco Talos:

• COINHOARDER: Tracking a Ukrainian Bitcoin Phishing Ring DNS Style
• Olympic Destroyer Takes Aim At Winter Olympics
• Targeted Attacks In The Middle East