Mags, Blogs, Communities

Dark Reading.com encompasses 13 communities, each of which drills deeper into the enterprise security challenge: Analytics, Attacks & Breaches, Application Security, Careers and People, Cloud Security, Endpoint, IoT, Mobile, Operations, Perimeter, Risk, Threat Intelligence, and Vulnerabilities and Threats.

Threatpost is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.

InfoSec Industry is your one stop for access to the latest breaking news and resources on the topic of information security.

Infosecurity Magazine provides knowledge and insight into the information security industry. Infosecurity Magazine also provides free educational content featuring: an established webinar channel, whitepaper syndication programs & industry leading virtual conferences.

Covering topics in risk management, compliance, fraud, and information security.

Slashdot needs no introduction.

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers.

Naked Security is Sophos’s award-winning threat news room, giving you news, opinion, advice and research on computer security issues and the latest internet threats.

Business, Culture, Gear, Ideas, Science, Security

From IDG. News, Reviews, Events, Newsletters, Video, Resource Library

Reviews, News, Video, How-to

News, Reviews, Events, Resource Library Sec-Ops Centre

Featured Video, Articles, Reviews,

Magazine, Featured Articles, Events, Masterclass

Independent news and views for the tech community.

From the About page: "Brian Krebs worked as a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog, as well as hundreds of stories for washingtonpost.com and The Washington Post newspaper, including eight front-page stories in the dead-tree edition and a Post Magazine cover piece on botnet operators. In 2014, he was profiled in The New York Times, Business Week, NPR’s Terry Gross, and by Poynter.org."

Cyber Security Insights - Blog on CyberSecurity

From the About page: "Bruce Schneier is an internationally renowned security technologist, called a "security guru" by The Economist. He is the author of over one dozen books--including his latest, Click Here to Kill Everybody--as well as hundreds of articles, essays, and academic papers."

From the About page: "My name is Daniel Miessler, and I’m a cybersecurity professional and writer living in San Francisco, California. My primary purpose in life is that of learning, creating, and sharing, and I’ve been doing that here since 1999. You can find my tutorials and projects above, and be sure to check out the podcast and newsletter as well…"

From the About page: "I’ve been working in the computer security industry since the early 1990s, when I worked as a programmer, writing the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Subsequently I was employed in senior roles by Sophos (where I founded the Naked Security blog) and McAfee. In 2011, I was honoured to be inducted into the Infosecurity Europe Hall of Fame."

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories! Rather than you having to trawl through all the newsfeeds to find out what’s cooking, you can quickly get everything you need from this site!

Security Weekly is the security podcast network for the security community, distributing free podcasts and media since 2005.

The State of Security is an award-winning blog featuring the latest news, trends and insights on current information security issues, including risk, compliance, incident detection and vulnerability research.

From the About Page: "I'm Troy Hunt, an Australian Microsoft Regional Director and Microsoft Most Valuable Professional for Developer Security. I don't work for Microsoft, but they're kind enough to recognise my community contributions by way of their award programs which I've been a part of since 2011. You'll regularly find me in the press talking about security and even testifying before US Congress on the impact of data breaches."

"Pulitzer-winning journalist Byron V. Acohido is the founder and executive editor of The Last Watchdog on Privacy & Security. Acohido is a respected cybersecurity influencer, and LW is widely considered to be one of the top cybersecurity websites."

Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.

See what topics are top of mind for the SANS community on their blog.

The latest news and insights from Google on security and safety on the Internet

The Computer Security Resource Center (CSRC) facilitates broad sharing of information security tools and practices, provides a resource for information security standards and guidelines, and identifies key security web resources to support users in industry, government, and academia. CSRC is the primary gateway for gaining access to NIST computer security publications, standards, and guidelines plus other useful security-related information.

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security.

As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance

SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet’s early warning system – the Internet Storm Center.

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software.

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

FIRST is the Forum of Incident Response and Security Teams. The idea of FIRST goes back until 1989, only one year after the CERT(r) Coordination Center was created after the infamous Internet worm. Back then incidents already were impacting not only one closed user group or organization, but any number of networks interconnected by the Internet.<br /> Since 1990, when FIRST was founded, its members have resolved an almost continuous stream of security-related attacks and incidents including handling thousands of security vulnerabilities affecting nearly all of the millions of computer systems and networks throughout the world connected by the ever growing Internet.

The Center for Internet Security (CIS) is a 501(c)(3) organization dedicated to enhancing the cybersecurity readiness and response among public and private sector entities. Utilizing its strong industry and government partnerships, CIS combats evolving cybersecurity challenges on a global scale and helps organizations adopt key best practices to achieve immediate and effective defenses against cyber attacks. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), CIS Security Benchmarks, and CIS Critical Security Controls. To learn more follow CIS on Twitter at @CISecurity.

Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit organisation with a Membership comprising many of the world’s leading organisations featured on the Fortune 500 and Forbes 2000 lists. ISF is dedicated to investigating, clarifying and resolving key issues in information security and risk management, by developing best practice methodologies, processes and solutions that meet the business needs of Members.

The International Society of Automation (www.isa.org) is a nonprofit professional association that sets the standard for those who apply engineering and technology to improve the management, safety, and cybersecurity of modern automation and control systems used across industry and critical infrastructure. Founded in 1945, ISA develops widely used global standards; certifies industry professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its 40,000 members and 400,000 customers around the world. Click here for more on the ISA62443 standard.

The National Cyber Security Alliance (NCSA), a 501c(3) non-profit founded in 2001, is a public private partnership, working with the Department of Homeland Security (DHS), private sector sponsors (founding sponsors included Symantec, Cisco Systems, Microsoft, SAIC, EMC, McAfee), and nonprofit collaborators to promote cyber security awareness for home users, small and medium size businesses, and primary and secondary education. The NCSA’s mission is to empower and support digital citizens to use the Internet securely and safely, protecting themselves and the cyber infrastructure.

The Information Security Research Association (commonly known as ISRA) is a registered non-profit organization focused on various aspects of Information Security including security research and cyber security awareness activities. Officially registered in the year 2010, the Information Security Research Association has established itself as the leading security research organization in the Industry.</p> <p>ISRA is active in spreading information security awareness and its members have conducted and delivered a large number of information security awareness seminars and campaigns across various geographical locations. As part of this initiative, ISRA observes the first Thursday of every august as the Information Security day. Information Security Research is another domain that is actively supported by ISRA. Students chapter of ISRA are operating at various colleges with this objective.

The Federal Information Systems Security Educators’ Association (FISSEA), founded in 1987, is an organization run by and for information systems security professionals to assist federal agencies in meeting their information systems security awareness, training, education, and certification responsibilities. FISSEA conducts an annual fee-based conference and free workshops during the year. Please join the “FISSEA Community of Interest” on GovLoop, to pose questions and receive feedback from colleagues.

A new Information Security & Governance forum in the Middle-East. Participate and share your knowledge.

Discuss security topics: Ask questions, debate hot topics, get breaking news |[]| Connect with Peers: Find tools, resources, and experts |[]| Build your Brand: Share knowledge, promote your skills, advance your career

Security Products, Privacy, Malware, Software.

Connect and collaborate with like-minded professional on topics of mutual interest and share your real-world experiences.

"Our friendly community of IT experts are full of knowledge for any of your Security questions, from setting up and troubleshooting firewalls, to encryption methods and other security exploits. Seek advice, share your knowledge, brainstorm and shoot the breeze."

"HackerCombat LLC is a news site, which acts as a source of information for IT security professionals across the world. We have lived it for more than 1 year since 2017, sharing IT expert guidance and insight, in-depth analysis, and news. We also educate people with product reviews in various content forms."

The Cyber Security and Information Systems Information Analysis Center (CSIAC) is a Department of Defense (DoD) Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC). The CSIAC is a consolidation of three predecessor IACs: the Data and Analysis Center for Software (DACS), the Information Assurance Technology IAC (IATAC) and the Modeling & Simulation IAC (MSIAC), with the addition of the Knowledge Management and Information Sharing technical area.

A community for technical news and discussion of information security and closely related topics.

An Eweek.com Site. 95K Members. Security News, Newbie Security Questions, Antivirus, Firewall, Spyware, Microsoft, *NIX, Network Security Etc.

"Our community has more than 50.000 registered members, and we'd love to have you as a member. Join us and take part in our discussions among people of all different backgrounds about security and technology."