Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Information Overload

1 Comment Posted by ChrisJohnRiley on December 23, 2010

If 2010 is anything to go by, I can see 2011 being hard to handle. No, no, I don’t mean that! I mean information overload. There’s just so much information (both good and bad) flowing around that it’s hard to take it all in without spending all your time reading, researching and taking things in. For some of us who are blessed with insomnia, or bosses who think information is king, this isn’t a problem. For the rest of us though, it’s a different story. We need to pick and choose our information sources well, otherwise we as security professionals will quickly find ourselves outdated, replaced with small shell scripts that do the same job, but moan about it less often!

As anybody who follows me on Twitter is probably aware, I’m not a big fan of the #FF (Follow Friday) culture of just pasting in 10 people’s names and saying “follow them”. Although I’m happy to see when people put my name in the list, I’m not sure being bombarded every Friday with a hundred names is the best way to do things. So, with that in mind I’ve been keeping my #FF until today…. my grand #F2010 list (I’m sure that’ll hit it off on the Twitters!).

This list is in no particular order, and for obvious reasons is slanted towards what I’m interested in… penetration testing, security research, and good security knowledge. I’ve tried to steer clear of the “you must follow this guy because everybody else does” list, so sorry if your names not on the list. I wouldn’t even put my mother on the list (hi Mom! /me waves) if she didn’t provide good content…

Xavier Martens – @xme

Xavier is one of the most active bloggers around and always has something up his sleeve. A great source of information on a range of security subjects, both attack and defence. Plus, he’s a great supporter of the @eurotrashsec podcast!

http://blog.rootshell.be/

Tom Eston – @agent0x0

Tom is the uncrowned king of Social Media… if you’re looking to keep up to date on the latest in Social Media Security, Tom is your man! Just don’t accept a Facebook friend request from him or Kevin Johnson!

HD Moore – @hdmoore

HD is the mastermind behind Metasploit and needs no introduction here… if you’re at all interested in penetration testing, security audit or exploitation in general, then you need to be following HD! While you’re at it, and so not to load this list with Metasploit developers…. make sure to follow @Carlos_Perez @egyp7 @carnal0wnage and @jabra as well 😉

Brian Honan – @brianhonan

As well as being the founder and head of Ireland’s CSIRT, Brian is also a great source of information on a whole range of organisational and compliance issues. He wrote the book on ISO27001… no really, he did!

http://bhconsulting.ie/securitywatch/

Didier Stevens – @DidierStevens

Didier, as well as being very European, is also the unchallenged master of PDFs. Lots of good stuff came from him in 2010, and I expect no shortage of cool things in 2011!

http://blog.didierstevens.com

Rob Fuller – @Mubix

Rob has recently joined the crew at Rapid7, but has been one of my main resources of information for a long time… Some of his stuff on HAK.5 are classics! Checkout some of his RSS feeds for some great information sources too!

http://www.room362.com

Wim Remes – @wimremes

Wim is one of the co-hosts of the Eurotrash Security Podcast (along with myself, @daleapearson, and @craigbalding). Wim is an expert when it comes to SIEM and isn’t scared to speak his mind…

http://blog.remes-it.be

Mirko Zorz – @helpnetsecurity

Most “news” sources tend to be nothing but FUD machines™ . Churning out the latest press releases without reading or understanding…. Help Net Security isn’t one of those sources. If you want real opinions on the newsworthy events and technologies of the day, this is a great source. Make sure to checkout their (in)secure magazine as well!

* List is in no particular order… as this isn’t a popularity contest!

Well, that’s it for my list… there are a lot of other users who I’d love to put on the list… but I like to leave em wanting more 😉 Have a great Christmas and a wonderful new year!

Security #F2010, Follow Friday, information overload, Security, sources

← SANS SEC580: Metasploit Kung Fu for Enterprise Pen Testing – Post Mortem Closing 2010… and opening 2011 →

One response to “Information Overload”

Hazel Riley December 23, 2010 at 15:14
I think you should ALWAYS listen to your mother!!!!!

RSS feed

RT @Balgan: Episode 0 of my new YT Series Shit I Found on the internet is live! If you have an interest in internet wide scanning, how to d… 8 hours ago
Hoping to get my copy of @Serato DJ Pro from @HerculesDjMix before the weekend… I need to get my Inpulse 500 spinni… twitter.com/i/web/status/1… 14 hours ago
RT @AlZeidenfeld: DAMN, this is good. 🔥🔥🔥 https://t.co/g1cCcGbOoP 14 hours ago
RT @wugeej: F5 Big-IP CVE-2020-5902 LFI and RCE LFI https://<IP>/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/pass… 3 days ago
Today's trip was long (14km walking in 28° heat) but fruitful! #Invader #Basel https://t.co/hpq4sfw0y7 4 days ago
RT @GROOVERIDERDJ: 24 starts Saturday 4 july 12pm https://t.co/NfF2arBNoy 5 days ago

The contents of this personal blog are solely my own opinions and comments, as such they do not reflect the opinions of my employer(s) past, present or future. No legal liability is accepted for anything you do, think, or consider fact as the basis of articles and links posted on this blog.

"Three to one...two...one...probability factor of one to one...we have normality, I repeat we have normality. Anything you still can’t cope with is therefore your own problem."

Note: A large portion of content I post on my blog comes from "live blogging" of security conferences. These posts are in notes form and are written live during a talk. As such errors and emissions are expected. I'm only human after all!

Cатсн²² (in)sесuяitу / ChrisJohnRiley