38 Best Security Blogs

The best security blogs cover everything from personal security to homeland security and are a useful tool for both new students and career professionals. These days you can’t be too careful. There are hackers and haters out there, ready to take your identity, your money, and even (given the danger of terrorism) your life.

What follows are ways to protect your physical self and your assets. There have never been more dangers to your life and property, and at the same time, more experts out there willing to offer you their opinions, their help, and best advice.

We culled the blogosphere for the best, most respected security-related bloggers out there. The topic of security is vast. There is internet security, personal security, homeland security, and many more. So we divided the blogs we found into categories:

  • National Security
  • Homeland Security
  • Personal Security
  • Video Blogs
  • Home Security


National security means more than just counter-terrorism; it also involves nuclear deterrence, the environment, and any factor that affects our day-to-day lives. What follows are some of the best.


Life has changed since 9/11, as these blogs clearly reflect. What follows are blogs by experts who have taken on the responsibilities of observing and then commenting on the ongoing war on terror.


Personal protection takes many forms, so there is a wealth of information available for those wishing to explore the various approaches to individual safety.

Martial arts training and other defensive strategies help people stay safer while reinforcing confidence in everyday situations. Various defense tactics are widely discussed online, including basic ways to keep you and your family safe. These blogs cover a range of personal defense strategies and highlight the individual opinions of some of today’s leading personal defense experts.


Here’s a cliché updated. If a picture is worth a thousand words, what about an instructional video? What follows are vlogs…video blogs:


Is your house safe from home invasion? Is your safe child safe in terms of common ordinary objects? And how about the elderly? What follows are home security blogs written by individuals, experts, and companies that specialize in home safety security.


All hail Brian Kreb, the genius behind Krebs on Security. In 2001, Krebs was hacked, so he takes a personal interest in online security and is one of the well-known names in today’s security landscape. Some of the topics he covers range from the latest threats, privacy breaches, and cyber-criminals to major security news.

Krebs can write up a storm. He was a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog, as well as hundreds of stories for washingtonpost.com and The Washington Post newspaper, including eight front-page stories in the dead-tree edition and a Post Magazine cover piece on botnet operators. How influential is he? He was recently profiled in The New York Times, Business Week, and Poynter.org. How’s that for credentials?


Bruce Schneider is probably the most well-known name that you can recognize in our list and be even called a “security guru” by The Economist group. He has written books, hundreds of articles, essays, and security papers on security matters. At the same time, he is a known figure in the media environment, which recognizes him as an important voice for online security, not only for his knowledge on the matter but also because he knows how to express his opinions.

Schneier has authored 13 books, including Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. His influential newsletter “Crypto-Gram” and his blog are read by over 250,000 people. He has testified before Congress and is a frequent guest on television and radio. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, and a program fellow at the New America Foundation’s Open Technology Institute.


This security blog is run by Richard Bejtlich, Chief Security Officer at Mandiant and author of many books on security.

With an extensive background in the cyber-criminal world and malicious attacks on enterprise networks, he shares his experience in digital defense, network monitoring, and detection on his security blog. Since a great number of network attacks come from China, he specializes in Chinese online criminals.


This is the official website of the Department of Homeland Security and is a part of DHS’ National Cybersecurity and Communications Integration Center.

Though it is not a classical security blog, its purpose is to improve Internet security by providing specialized and well-detailed information on cyber-criminal activities, malware, phishing attempts, and online threats. In their own words: “US-CERT strives for a safer, stronger Internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world.”

The Department of Homeland Security’s United States Computer Emergency Readiness Team (US-CERT) leads efforts to improve the Nation’s cybersecurity posture, coordinate cyber information sharing, and proactively manage cyber risks to the Nation while protecting the constitutional rights of Americans. US-CERT strives to be a trusted global leader in cybersecurity—collaborative, agile, and responsive in a dynamic and complex environment.

You can subscribe to US-CERT’s mailing lists and feeds. US-CERT distributes vulnerability and threat information through its National Cyber Awareness System (NCAS) and operates a Vulnerability Notes Database to provide technical descriptions of system vulnerabilities.

5. Dark Reading

Dark Reading is a widely-read cyber security site that addresses professionals from the IT environment, security researchers, and technology specialists. They use their experience and knowledge to provide articles, recommendations, news, and information on IT security.

Some of the readings here are dense and you need some knowledge in the field to fully comprehend them. But technology students (and really, anyone interested) would be wise to bookmark this blog and check in regularly.

6. CIO

CIO is the place where you find news, information technology articles, insight, and analysis on major data breaches and online threats. Covering multiple aspects of the web, it provides in-depth, content-rich information for IT professionals and normal users. We found this material, written by several bloggers) vital to our understanding of issues vital to internet security. Please bookmark this blog.

One of the best blogs on this site is by Saurabh Sharma, the founder and Chief Executive Officer of Indus Insights. He is part data scientist, part management consultant, and part business manager, with more than a decade of experience in creating value through the use of data-driven approaches. Prior to starting Indus Insights, Saurabh worked as a strategy consultant at Bain & Company, advising senior management across a variety of verticals, including CPG and hi-tech. Saurabh is regularly quoted by national and international media as a subject matter in payments, analytics, and consulting.


Paul’s Security Weekly, founded by Paul Asadoorian, brings you security news, useful technical articles, research studies and valuable information on hacking and cyber-crime through various channels, from blog posts, videos to podcasts.

Security Weekly also provides several different consulting services, including penetration testing, offensive countermeasures and embedded device security assessments. All services are performed in conjunction with its partner, Black Hills Information Security.

Asadoorian maintains a Senior Consulting role at the Black Hills and regularly participates in penetration testing and embedded device assessments.


Forbes Firewall comes from one of the leading media companies (Forbes Magazine and spinoff products) in the online environment and provides strong analysis, reliable tools, and real-time reports for cyber-security news and information on the latest online threats. Several contributors cover the worlds of data security, privacy, and hacker culture.


You’ll need to go to the section dedicated to security on this site. Blog writers, there will analyze the latest malware threats and zero-day exploits.

Also, you can find here other important topics and subjects, such as security articles, how-to documents and software reviews.


One of the internet security industry giants. Clueley has been working in the computer security industry since the early 1990s, when he worked as a programmer, writing the first ever version of Dr. Solomon’s Anti-Virus Toolkit for Windows.

Since then he has been employed in senior roles by Sophos and McAfee. Between 1999 and 2013, he worked as a senior technology consultant at Sophos. He was also the head of corporate communications, and the editor and main writer of Sophos’s award-winning Naked Security site, which typically receives 1.5 million page views each month. His blog has won numerous awards such as ‘Best IT Security Blog’, ‘Most Educational Blog’ and ‘Best Corporate Security Blog.’

12. Naked Security

Naked Security is Sophos’ award-winning blog. Authors include Lisa Vaas, Paul Ducklin, Lee Munson – who will be featured again later on – and John Zorabedian.

This is one of the biggest blogs in this list with around 1.5 million page views per month. Recent posts cover: ‘5 excuses for doing nothing about computer security!,’ ‘Microsoft pulls Patch Tuesday Kernel update – MS14-045-can cause Blue Screen of Death‘ and ‘Do Not Track – the privacy standard that’s melting away.’


Matt Suiche is the founder & managing director of MoonSols Ltd, a privately owned security company specializing in digital forensics, incident response, and memory forensics. In 2011 Matt co-founded CloudVolumes, a Santa Clara-based software company, that aims at resolving management, scalability, and performance issues present in the cloud and virtualized data centers. Matt is Microsoft’s Most Valuable Professional Enterprise Security since 2009.


Threatpost is Kaspersky Lab’s independently run security news service. Its award-winning editorial team produces content including security news and feature reports.

Threatpost’s global editorial activities are driven by veteran security journalist Dennis Fisher who has a decade of experience reporting on security industry news and issues. He is assisted by Christopher Brook and Brian Donohue. To give you a sense of their topics, recent posts include ‘50 Security Flaws Fixed in Google Chrome’, ‘Bitcoin Phishing Campaign Targets 400 Organizations’, and ‘Adobe Patches Reader Zero-Day Used in Targeted Attacks.’


The blog allows for a diversity of industry content to be shared, searched, and refined for the interest of our online audience. At Kroll, the mission is to help leaders reduce risk, manage compliance, navigate litigation and make confident decisions about:

  • the people they hire and third parties they choose to work with
  • investments they make in new ventures or their own expansion
  • data they store, manage and protect
  • crises they face that require expertise in conducting investigations and resolving disputes

Headquartered in New York with more than 50 offices across nearly 30 countries, Kroll has a multidisciplinary team of over 2,000 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies, and individuals. Some of those employees blog.


Tom Olzak is an independent security researcher with over 38 years of experience in programming, network engineering, and security. He is also the author of 3 books: Just Enough Security, Microsoft Virtualization, and Enterprise Security: A Practitioner’s Guide.

With this blog, Olzak explores new or unique ways of applying security concepts. Our goal is to show security practitioners how to intelligently apply existing and emerging security concepts and technologies. To do this, I develop vendor-neutral papers and training videos and make them available here.


Blogger Russ McRee works for Microsoft’s Operating Systems Group (OSG). He writes toolsmith, a monthly column in ISSA Journal. His blog is dedicated to sharing information security content and resources.

McRee has spoken at infosec events such as Defcon, Black Hat, RSA, and FIRST and has published in the likes of Information Security, Linux Magazine, (IN)SECURE, and SysAdmin as an advocate of a holistic approach to information security.


An IT journalist since 1995, Simon has worked on some of the UK’s biggest computer magazine titles, including Computer Shopper, PC Pro, Computer Active, Web User, Mac User, and IT Pro. One of Edwards’ areas of expertise is anti-malware testing and he is the Technical Director of Dennis Technolgy Labs, an independent security testing business.

21. The Best Defense

The professional blog of Pulitzer Prize-winning national security journalist Thomas E. Ricks, The Best Defense gives readers a good mix of posts on military affairs and foreign policy. Posts can range from a detailed analysis of Middle Eastern politics one day to a historical account of the US Civil War the next. The Best Defense also publishes a series of great guest posts, my personal favorite being Rebecca Frankel’s weekly discussion of war dogs.

22. Secrecy News

Secrecy News is the blog of the Federation of American Scientists, an independent think-tank that provides analysis and recommendations on national and international security issues connected to applied science and technology.

Written by Steven Aftergood, who heads the Project on Government Secrecy, Secrecy News breaks news involving intelligence spending, classification guidelines and decisions, and other highly relevant information for the cleared community.

23. Gun Powder and Lead

When it comes to blogs by up-and-coming national security commentators, Gunpowder and Lead is at the top of the list.

Written by a mix of freelancers, think tankers, consultants, contractors, and authors, the blog has an influential readership and strong social media presence. Posts on Gunpowder and Lead offer detailed and well-cited analysis, commentary, and book reviews.

24. Small Wars Journal Blog

Named after the 1940 U.S. military’s “Small Wars Manual,” Small Wars Journal is an online community for defense professionals, particularly those involved in counterinsurgency and counterterrorism. While Small Wars Journal itself publishes lengthy pieces on military affairs, its blog is more of an outlet for smaller commentary and news round-ups.

Small Wars Journal publishes original works from authentic voices across the spectrum of stakeholders in small wars. They also link to relevant goings elsewhere.  You can start your own threads in the Small Wars Council discussion board, but note that still uses a separate Council Username, so you’ll have to register…but it’s free.

25. Defense Media Network

Defense Media Network is devoted to hosting all of Fairmount Media Group’s defense, homeland security, and military medicine content. Here you can access all our defense products under one roof. Defense Media Network aggregates all our publications in one easy-to-use website and gives readers the ability to customize their membership to whatever content they wish to receive.

By subscribing to Defense Media Network you can access the content of the highest quality on a daily basis, receive our weekly e-newsletters, participate in our blogs, read digital magazines and customize your subscription to our print editions.

26. Intel News

IntelNews began in 1988, in the good old days of bulletin board systems (BBS). Its purpose was to facilitate mostly English-language discussion on issues of intelligence among professionals, academic researchers, and aficionados. In 1998, it was renamed The Club, and operated under its own, privately accessible Internet domain. The events of September 11, 2001, reinvigorated the public’s interest in the field of espionage and intelligence. Thus, in late 2006, the decision was made to rename the network intelNews and turn it into a public-access website.

Despite its periodic reincarnations, the mission of intelNews has remained unchanged since its BBS days: namely to highlight and discuss in a responsible and reflective manner the impact of intelligence operations in national and international affairs. In doing so, intelNews aims to encourage public discussion on a critical aspect of security and to provide the world’s media with informed and responsible commentary on related subjects.

27. Losantiville

This blog is written and maintained by a Cincinnatian and former air-force Colonel and covers issues of homeland security, foreign affairs, and national defense. With an informal, personal tone, this blog is a fascinating read from someone with first-hand experience.

28. Christos Military and Intelligence Corner

This blog has the depth of information and loving care of an enthusiast’s pet project. Documenting and explaining military and intelligence history, especially in WWII, the blogger makes the obscure interesting and the famous new once more.

29. Espionage Research Institute International

The mission of the Espionage Research Institute International blog is to educate and advance best practices in the counterespionage, counterintelligence, and TSCM community through excellence, applied learning, and research that examines issues of strategic importance to the sector.

30. Dirk’s Weblog

This blog is a focused look at how cryptology, intelligence, and security intertwine, both historically and in the current day. It is an interesting read for anyone who wants to learn more about this unique area of national security.

31. Infection Control Today

Infection Control Today is the leading information source for infection preventionists and their colleagues in operating rooms, sterile processing, environmental services, and materials management. The topics here are very much national security issues.

This blogsite has been serving hospitals and their critical information needs in the area of infection prevention since 1997. Infection Control Today magazine, website, and e-newsletters deliver the timely, relevant practice guidance that medical professionals need to protect their institutions, their patients, and their fellow healthcare workers, and eliminate healthcare-acquired infections.

32. Tom Dispatch

You don’t often see bloggers on this subject from the left-wing of American politics, but this is an exception. And a good one. Tom Engelhardt launched Tomdispatch in November 2001 as an e-mail publication offering commentary and collected articles from the world press. In December 2002, it gained its name, became a project of The Nation Institute, and went online as “a regular antidote to the mainstream media.”

The site now features Tom Engelhardt’s regular commentaries and the original work of authors ranging from Rebecca Solnit, Bill McKibben, and Mike Davis to Chalmers Johnson, Michael Klare, and Adam Hochschild, Robert Lipsyte, and Elizabeth de la Vega. Nick Turse, who also writes for the site, is the associate editor and research director.

Tomdispatch is intended to introduce readers to voices and perspectives from elsewhere (even when the elsewhere is here). Its mission is to connect some of the global dots regularly left unconnected by the mainstream media and to offer a clearer sense of how this imperial globe of ours actually works.

33. Women’s Self Defense Boston

At Women’s Self Defense Boston the blog talks about SEPS (Situation Effective Protection System) a self-protection system that teaches threat avoidance, prevention, and identification along with the Krav Maga Yashir system: A style of martial arts that was developed in Israel to deal with all manner of violent assaults both armed and unarmed as well as those involving multiple assailants.

The group’s women’s self-defense program is not just a collection of various techniques but a tried and tested method of training women on the subject of personal safety whether through changing attitudes and behaviors or teaching physical solutions to violence. The blog discusses several ways to use repetitive training to synch the mind with the body’s ability to respond to threats.

34. Wim Demeere’s Blog

Marshall Arts, Self Defense and a Whole lot More – Getting the most of your approach to personal safety is the goal of this blog, which is bolstered with information shared here by a self-defense teacher.  The posts break defense into several categories, offering valid tips for each situation.

Demeere has been training and teaching Martial Arts and Self Defense for about 30 years now. He lives just outside of Brussels in Belgium where he writes and makes instructional videos.

He started the blog as a reincarnation of a website he started in 1999. His goal back then was to do something on the Internet about martial arts. For a number of reasons, he stopped working on the site in 2006. But as of late 2008, he took up blogging and started transferring the content from the old site to this blog.

35. Pretty Loaded

Situational Awareness and Self-Defense Mindset is the foundation of your personal safety and the focus of this blog, loaded with instructional videos. In their video shorts, they focus on just a few of the many skills explored in their full training series, which they hope will give you confidence, and knowledge, and change the way you feel about your safety forever! Protect your life, it’s the only one you have!

36. Safe Kids Worldwide

Safe Kids Worldwide is a global organization dedicated to preventing injuries in children, the number one killer of kids in the United States. Yet, around the world, a child dies from an unintentional injury every 30 seconds. And millions of children are injured in ways that can affect them for a lifetime.

Their Bottom Line Blog relays information contributed by safety experts to help readers keep up with the latest safety news and trends. Updated weekly, they have home security information specialized for everyone from babies to seniors. You can even view the expert network or take an online tour of a safe home.

37. Protection 1

Providing both residential and business security, they also have this useful section on how to spot scams. The site also contains the latest in security headlines from alarms to door knocking. There is also a YouTube channel with even more. Good information on this site. Understand that this is also produced by a company that wants your business.

38. ADT Learning Center

A leading home security provider produces ADT Learning Center Blogs. Still, their learning center is full of helpful information. Choose from safety tips, home security articles, and even ways to reduce false alarms. We like this site because if you have more questions, you can chat with a representative online.