
Information Overload: A Resource Starter Pack


Now I’ve spent weeks filling your heads with the hows and whys of Cyber Security, possibly scarring you for life or worse (like helping you choose to enter the field), I suppose I should give you an extra boost, for I am a kind, benevolent Internet stranger. This is not a happy gift, it is one loaded with addiction, bleary-eyed mornings and red-eyed nights spent down this rabbit hole. This is how you keep track of the outside world, and learn how to keep it from getting inside your nice, cosy, secure network. Say farewell to a social life, and hello to my last listicle of the year: welcome to my resource starter pack. Happy reading!

I would recommend learning a bit about your browser, how to run multiple instances of it and how to control users. Unless you are super-organised and proficient with bookmarks, you will need another browser instance for all your resources, both the ones you pick from below and those you find yourself. If you run Chrome, it might be time for a RAM upgrade!

Before I start categorising these links, there’s this one you might want to look at first. This might be one of the most important tools you can access, as it presents you with a one-stop shop of curated CyberSec feeds from varying trusted sources. Infosec Industry curates alerts, articles, Twitter feeds and more from some of the most respected sources in the field. Also really useful for training your eyes to read separately, and driving yourself mad.

Blogs

As you can imagine, like with every other subject matter on the planet, there are a lot of InfoSec blogs out there. Thousands of the damn things, actually, and not all of them good. You will get some of these from the Infosec Industry list above, but some are worth the separate mention.

Brian Krebs is one of those. Krebs on Security is one of the most widely respected and read security blogs in the world. He’s hot on the latest news and provides an in-depth analysis.

Daniel Miessler is a practicing InfoSec professional, and his blog is a very useful tool. His writing is clear and easy to follow, and he often posts detailed explanations and tutorials in various aspects of cyber security, technology and other random things that catch his interest.

Tisiphone, a.k.a. Lesley Carhart, writes, speaks, lives and breathes cyber security and digital forensics. She does this a lot, and does it very well. Her Tisiphone blog contains some really good information and great advice for people breaking into the industry, so be sure to give it a read.

Javvad Malik over at AlienVault is one of the Big Names (like the aforementioned Krebs), and reading his blog it’s clear why: insightful, considered posts composed with a light touch. Nice, easy reading.

Another Big Name is Jeremiah Grossman: the man described as the “embodiment of converged IT and physical security” by InformationWeek. He knows lots of things about security, and can tell you about them while killing you with his hands and feet in a fancy flurry of Brazilian Ju-Jitsu moves. It is very possible I have a man-crush.

Finally, I would recommend keeping up with corporate blogs from the big players: Anti-malware companies like F-Secure, Sophos’ Naked Security, Webroot’s Threat Blog, and Norton are good ones, but look at them all and find your preferences. Other Security vendors’ blogs to check out include Check Point, Cisco’s CyberSec blog (although it’s always worth watching what Cisco are up to in general), SentinelOne and RSA.

I was going to do a section on newsletters, but given the state of my mailbox (after 2 rounds of cleaning up), I’ll leave things at the blogs, and let you sign up to the ones on offer by the bloggers.

Podcasts

Sometimes, a podcast is easier than a blog or newsletter. I’ve drawn up a short list here, but collections and lists abound, just a Google search away.

Defensive Security is the go-to podcast. You will need a couple of hours though, so if you have a bit of a commute, this will work out nicely.

Unsupervised Learning by Daniel Miessler tries to compress about 5 hours of reading into ~40 minutes. Really good quality stuff, and it is published as a weekly newsletter, too.

Data Driven Security is a monthly podcast that focuses on security through data analysis.

SANS StormCast Information Security podcast is a short, daily threat alert podcast.

Down the Security Rabbithole features guest experts and talks through some of the bigger events of the week.

OWASP The Open Web Application Security Project’s 24/7 blog, like their site, discusses everything to do with web application security.

Security Weekly gives a good overview of a week in security.

Miscellaneous

Just a bunch of random, useful links that will come in handy:

Peerlyst – A platform for all manner of CyberSecurity resources.

Infosec Resources 4 All – GitHub repository with some really good material

Swift on Security – A security-focused Taylor Swift parody account. Pure Gold.

The Open Source Cyber Security Playbook – Cyber Security planning tool

The National Cyber Security Centre – The GCHQ-based Cyber Security agency

Institute for Security and Open Methodologies – Security research organisation

The Register – Tabloid parody news outlet for IT. Also hosts new BOFH stories. Read them, laugh, weep then go to the pub.

I think that’s about everything covered. I would put a Twitter list in, but I don’t really use it myself. If you are interested, plenty of the folk in everything I’ve mentioned have accounts, and have recommended people to follow. Enjoy the information overload!

