Emerging Threats

Every cyber security job posting has that same line... stay current on emerging threats. What do you guys use to stay current?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

cyberguypr

I always ask a variant of this question when I interview candidates. Responses I've gotten by 90%+ of applicants:
- "The web" or "the internet", usually followed by awkward silence
- "Google"
- "Yahoo news"
- "CNET"
- "Reddit", which I follow up with "cool, which subreddits". Their response: SILENCE

Responses I'm expecting to show you really care:
- Subreddits: netsec, asknetsec, computerforensics, malware, memoryforensics, etc.
- Podcasts: I personally do not do any but am aware of the top ones like Security Now, Security Weeks, etc.
- News aggregators: infosecindustry.com, NewsNow:Security news, etc.
- Individuals: Bruce Schneider, Krebs, etc.
- Organization updates: ISACA, ISC, OWASP, etc.
- Twitter: too many to list, just give me something
- Websites: Dark Reading, Threat Post, etc.
- Blogs: Talos, NakedSecurity, etc.

In this day and age I do not understand how most people can't answer such a simple question. This is literally the easiest way to prove you care about the security game.

Don't even get me started with the "do you have a lab" topic.

gespenstern

The best IMO is your own RSS/Atom feed subscribed to blogs from people "on the ground" as opposed to vendors as they are so full of sh!it. Krebs, Ross Anderson, Errata Rob, Remko Weijnen, Sami Laiho, Hasherezade, Russinovich's blog (although he's kind of too high now to write about technical things), Luigi Auriemma, Alex Ionescu and others. For a very quick feel on what's happening in current hour twitter is the best (although I hate it).

PC509

SANS Internet Storm Center with Johannes Ullrich from Jacksonville, Florida (he travels a lot, too). That's my morning commute podcast. On the way home, it's Security Weekly (or lunchtime, depending on work load).

Subreddits (the ones that cyberguypr posted, along with sysadmin, etc..). Webcasts (more of the post-emerging threat, but gives good overview of what's going on. Leo Draeger did a great one on Wannacrypt).

Twitter (too many to name).

Many links from reddit bring new sites that I wasn't aware of, same with Twitter. Just so many different places to find information. Sometimes, it's a new person that finds a threat and posts about it. The news aggregates or Twitter or reddit are great for those ones.

Like with certs - you need more than a single source. There's a ton out there. Some are a bit too 'noisy' for me and show a lot of irrelevant news for me (I'm not sure how much value I put in a news post about a guy getting a year in prison for hacking a school, with no information about the hack itself in the story... Example, not a real story). You have to filter out a lot, but it's worth it.

disip

Really encouraged by this as a person who is trying to break into the security industry. Ive been subbed to those subreddits for a few years and I listen to almost every security now episode.

jibtech

Brian Krebs
Threatpost
Bruce Schneier
Fireeye
Dan Kaminsky
Internet Storm Center
TechExams (you laugh, but there is a large collection of InfoSec professionals here. You would be surprised.)

Right now, my go to is the C-SPAN coverage of the Russia investigation.... /grin

JDMurray

This is a pretty good and recent list of InfoSec blogs: https://digitalguardian.com/blog/top-50-infosec-blogs-you-should-be-reading

I like the security podcasts Security Now!, Security Weekly, and Defensive Security.

markulous

cyberguypr wrote: »

Don't even get me started with the "do you have a lab" topic.

I'll bite. What irks you about the "do you have a lab" topic?

Jamm1n

I think I dabble into all those mentioned above, thanks for the insight on how you interview candidates.

Sounds like there is no wrong answer unless you don't give one lol