AppSec Blogs to Learn From

Krebs on Security A Washington Post investigative reporter turned independent cybersecurity journalist, Brian Krebs regularly blows the covers off security breaches and schemes. His blog is an intriguing mix of posts on tips he’s received and security news we need to know.   Troy Hunt He’s a Microsoft MVP for Developer Security, so you can be sure it gets technical on Troy’s blog. Troy also runs “Have I been pwned“, which allows anyone to check if their email has been found in hundreds of stolen databases.   Schneier on Security A household name in security and cryptography, Bruce’s blog covers the most relevant topics in the industry. If you’re not already one of the 250K+ readers and subscribers to his monthly newsletter, it’s time to get on board!   Dark Reading A must-read for InfoSec professionals of all kinds, Information Week’s Dark Reading has cultivated a great staff and contributing staff writing detailed and thoughtful pieces on a variety of topics with the goal of “connecting the information security community.”   Ars Technica Risk Assessment Ars Technica’s Risk Assessment is an invaluable news resource to keep us up to date. Led by Dan Goodin’s admirable way of writing about technical security topics for the ‘layman,’ this is another must-follow news site.   The Hacker News A great resource for white-hats everywhere, The Hacker News offers news and tutorials in an array of InfoSec areas. With monthly readership in the millions, we guess we’re not the only ones who get value from The Hacker News!   SC Magazine Providing cyber security professionals with the news they need to know, SC Magazine is another news site providing more than just bulletins. Their Data Breach Blog is a great addition to their main offering, as well!   For 29 Cyber Security Blogs You Should Be Reading – Click Here Continue to Chapter 9: Top AppSec Websites to Learn Hacking (Legally).