Top 10 information security blogs

There is a huge amount of information about information security on the Internet, so it is really difficult to stay informed about really relevant stuff. This is why I made this list – I wanted to offer a list of independent, expertly written and up-to-date blogs that will keep you right on track.

The blogs are listed alphabetically:

Information Security Blog by Anton Chuvakin

Security topics including SIEM, log management, compliance, vulnerability management and cloud security.

Krebs on Security by Brian Krebs

This blog features posts on a number of recurring themes, including online crime investigations, latest threats, security updates, data breaches, and cyber justice.

Lenny Zeltser on Information Security

Presents a unique perspective on information security, based on the author’s broad experience in IT, business and malware combat. The blog presents several infosec topics, including incident response, malicious software and risk management.

Mind Streams of Information Security Knowledge by Dancho Danchev

This blog covers trends and fads, tactics and strategies, intersecting with third-party research, speculations and real-time CYBERINT assessments, all packed with sarcastic attitude. The blog offers access to timely, insightful and independent open-source intelligence (OSINT) analyses for maintaining the necessary situational awareness to stay on top of emerging security threats.

Privacy and Information Security Law Blog

This blog covers important aspects of information security rarely covered in other blogs – privacy and information security law updates and analysis.

Schneier on Security by Bruce Schneier

A blog covering security and security technology – the author explains, debunks, and draws lessons from security stories that make the news.

Security Affairs by Pierluigi Paganini

This daily updated blog is focused on all the areas in the security sphere. Its target is to make security a theme accessible to professionals and laymen alike, with an objective judgment on the main security events with specific attention to the subjects of cyber warfare, cyber crime and hacking.

TaoSecurity by Richard Bejtlich

TaoSecurity blog is one of the original security blogs – it will soon be ten years old. It focuses on incident detection and response for targeted threats, with emphasis on Chinese intruders.

And by the way, Security Bloggers Network offers links to over 100 various information security blogs.

Advisera Dejan Kosutic
Dejan Kosutic
Leading expert on cybersecurity & information security and the author of several books, articles, webinars, and courses. As a premier expert, Dejan founded Advisera to help small and medium businesses obtain the resources they need to become compliant with EU regulations and ISO standards. He believes that making complex frameworks easy to understand and simple to use creates a competitive advantage for Advisera's clients, and that AI technology is crucial for achieving this.

As an ISO 27001 and NIS 2 expert, Dejan helps companies find the best path to compliance by eliminating overhead and adapting the implementation to their size and industry specifics.