- Information Security 101: The Reading List
- Information Security 101: The Community
- Information Security 101: Hands-On Experience with Information Security
- Information Security 101: Certifications and Degrees (Coming soon.)
- Information Security 101: Careers and Career Paths (Coming soon.)
Notable individuals, conventions, and organizations from the Information Security field.
Note: These names are not listed in any specific order.
| Twitter Name | Twitter Handle | Twitter Biography |
|---|---|---|
| Dave Kennedy (ReL1K) | @HackingDave | Father/Hubby, Hacker, Author, Media Person, Founder @TrustedSec, @Binary_Defense and @DerbyCon, and vet @USMC. Life Motto: "In Absentia Lucis Tenebrae Vincunt". |
| Mark Boltz-Robinson | @SageFedora | IT security. Apple evangelist, queer geek, avid reader, dog lover, cat owner, skier. #locksport #travel #firearms #politics #infosec #UNIX #atheist #beer |
| InfoSec Taylor Swift | @SwiftOnSecurity | I make stupid jokes, talk systems security, https://DecentSecurity.com + http://GotPhish.com , write Scifi, sysadmin, & use Oxford commas.Kinda prefer they/them |
| C:\Users\Tulpa | @tulpa_security | Digital curiosity in an analog world // Hold onto your roots // Blood type IPA+ // OSCE, OSCP, OSWP, BAppSocSci etc. |
| Nikita Kronenberg | @Niki7a | DEF CON, Director of Content & Coordination. Wife & Mom. Member of: Security Tribe, LoU. ☠️🦄🌈🤓 Into: hacks💡snacks 🌮 shellacs 💅 |
| Marley | @mkr_ultra | First place champ, Crying About Space, '08-'18. Tequila & mezcal fan. Advocate for weaponizing the blue team. Actual space marshmallow. 🍤 |
| Amanda Berlin | @InfoSystir | Adult supervision required. Co-host of @brakesec Author - http://oreil.ly/2aS3Jdm Quod me non necat me fortiorem facit #infosec #security #defsec #hacking |
| Omar Santos | @santosomar | Cyber security principal engineer at Cisco's PSIRT focused on vulnerability management, threat intelligence, research & writing books. Tweets are my own. |
| Heather Mahalik | @HeatherMahalik | Digital Forensics Professional, SANS Senior Instructor and author #FOR585, wife, mama, author, serial vacationer, horse lover and simply over-scheduled! |
| Mudge | @dotMudge | Make a dent in the universe. Find something that needs improvement: go there and fix things. If not you, then who? :) |
| Cypher | @CryptoCypher | Cypherpunk. Moderator @greysec_net. |
| Eugene Kaspersky | @e_kaspersky | CEO of #Kaspersky Lab. 28 years in #cybersecurity. Views are my own |
| bat | @mzbat | NaaS (No as a Service) stabby infosec, artist, tank girl, spooky space bat. PhD in Horribleness.🖤 @18F #nasa @rallysecurity 🦇 http://keybase.io/mzbat |
| John Lambert | @JohnLaTwC | General Manager, Microsoft Threat Intelligence Center, johnla(AT)http://microsoft.com , http://www.linkedin.com/in/johnjlambert |
| Dan Rosenberg | @djrbliss | I break kernels. |
| Matthew Green | @matthew_d_green | I teach cryptography at Johns Hopkins. |
| Ryan Dewhurst | @ethicalhack3r | Founder of Dewhurst Security. Founder/Developer of @WPScan and DVWA. |
| Marc Rogers | @marcwrogers | Ramblings of a Mad English Hacker: Hacker behind BBC's The Real Hustle & USA's Mr Robot. Head of SecOps for DEF CON. Head of Infosec for CloudFlare. |
| Parisa Tabriz | @laparisa | Browser Boss @googlechrome; Security Princess @google; Project Zero den mom; former @usds; skilled at baking, eating, and hijacking cookies. |
| Georgia Weidman | @georgiaweidman | Author: Penetration Testing: A Hands-On Introduction to Hacking http://www.nostarch.com/pentesting (use code GEORGIA) Founder of @bulbsecurity and @shevirahsec, @UMUC prof |
| Conrad | @eric_conrad | SANS Fellow, lead author of The CISSP Study Guide, CTO of Backshore Communications, GIAC GSE #13. |
| Ron Gula | @RonGula | President Gula Tech Adventures. Co-Founded Tenable Network Security & Network Security Wizards. 15+ years experience as CEO & CTO in cyber security industry. |
| briankrebs | @briankrebs | Independent investigative journalist. Writes about cybercrime. Author of 'Spam Nation', a NYT bestseller. Wrote for The Washington Post '95-'09 |
| Gal Shpantzer | @Shpantzer | Information security and risk management advisor. Virtual CISO with interdisciplinary skillset to solve complex business and technical problems. Not CISSP |
| (((Jayson E. Street))) | @jaysonstreet | Hacker, Author. Speaker, VP of InfoSec at SphereNY, DCG Global Ambassador! Always learning & always hoping to teach others! :-) http://awkwardhugs.org |
| the grugq | @thegrugq | Security Researcher :: Cultural Attaché :: [email protected] :: PGP http://keybase.io/grugq :: Не верь, не бойся, не проси |
| Shack | @daveshackleford | Opinionated security geek. Owner@Voodoo Security, faculty@IANS. VMware vExpert. SANS dude. Musician. Sybex author. Slayer of Sacred Cows for Infosec. |
| BillBrenner70 | @BillBrenner70 | IANS research director, security scribe, dad, husband, author of THE OCD DIARIES #WebSecurity #SecurityThoughtLeadership #Metalhead |
| Katie Moussouris | @k8em0 | Founder/CEO @lutasecurity . Bug bounty & vuln disclosure pioneer. ISO editor. Hacker. MIT Sloan visiting scholar. New America Fellow. Harvard Belfer affiliate. |
| Dave Marcus | @DaveMarcus | Chief Architect, Advanced Research and Threat Intelligence McAfee Federal Advanced Programs Group |
| 𝒮𝑒𝒸𝐵𝒶𝓇𝒷𝒾𝑒 | @SecBarbie | Cyber/Information Security Professional, Partner at @UrbaneSec, Fine Dining Lover, DJ, Wine Butler, and forever student of life! #StarChaser |
| Tavis Ormandy | @taviso | Vulnerability researcher at Google. This is a personal stream, opinions expressed are mine. |
| Lance James | @lancejssc | Chief Scientist, @flashpointintel Consulting Detective, @unit221b Previously: Head of #Cyber Intelligence @Deloitte #cybersecurity #threatintel #infosec |
| Jeremiah Grossman | @jeremiahg | I travel world, meet new people, and fight them — or hack them. CEO (Bit Discovery |
| Paul Asadoorian | @securityweekly | Founder & CEO of Security Weekly & @stogiegeeks, @OffensiveCM CEO, hacker, cigar smoker, and podcaster. |
| Jennifer Leggio | @mediaphyter | Raconteur. Powerhouse. Security Twits herder emeritus. Writer for @ZDNet Zero Day. Chief Marketing Officer. Music is my lifeblood. Obsessed with baby goats. |
| Jack Daniel | @jack_daniel | Storyteller, Community Builder, Security BSides co-founder, Friend, Lover, Curmudgeon, Historian. |
| Bill Gardner | @oncee | Assistant professor and ΛΧΑ advisor at Marshall University. |
| Twitter Name | Twitter Handle | Twitter Biography |
|---|---|---|
| Lenny Zeltser | @lennyzeltser | Advances information security. Grows tech businesses. Fights malware. // VP of Products @MinervaLabs. Author and Instructor @SANSInstitute. |
| MalwareTech | @MalwareTechLab | Botnet Tracking, Malware Reversing, Programming. Personal account is @MalwareTechBlog. |
| Miss Malware | @Miss_Malware | #CPA gone dark. #Infosec Engineer n00b. Working on my #OSCP. #BlueTeam Learning SEIM and IDS right now. http://keybase.io/missmalware |
| Brian Carrier | @carrier4n6 | VP Digital Forensics at Basis Technology. Builds incident response (Cyber Triage) and Digital Forensics software (Autopsy and @sleuthkit) |
| Paul Burbage | @hexlax | Malware researcher @FlashpointIntel | board member @BSidesCHS | botnet tracker | honeypot junkie. Tweets are my own. I'm also hexlax on keybase. |
| Amanda Rousseau | @malwareunicorn | Malware Research Unicorn @EndgameInc. Interested in Malware, Reverse Engineering, and Fashion. DEF CON. My thoughts are my own. @VanitySec Creator |
| Brad | @malware_traffic | Sharing information on malicious network traffic and malware samples |
| Jared Atkinson | @jaredcatkinson | | Minesweeper Champ | Aspiring Beard Model | PowerShell MVP | PowerForensics | USAF Vet | FC Bayern Fan | 🇳🇴 Språkstudent |
| Hasherezade | @hasherezade | Programmer, #malware analyst. Author of #PEbear, #PEsieve, #libPeConv. Private account. All opinions expressed here are mine only (not of my employer etc) |
| R136a1 | @TheEnergyStory | Malware Researcher at Palo Alto Networks |
| Sev | @sudosev | Security Researcher @ ProofPoint. Malware analysis/Threat intel/Sig dev. Tweets are my own - personal account. |
| _Veronica_ | @verovaleros | Woman. Hacker. Disruptor. Mentor. Speaker. Malware Researcher. Network Security. Studying Remote Access Trojans. // Co-founder of @womenintechfund & @mateslab |
| VirusShare | @VXShare | Online malware repository project created and maintained by @Forensication PGP 0x37D85B42 |
| Ronnie T. | @iHeartMalware | Python and malware...delicious malware... |
| malware.lu | @malwarelu | Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researcher. |
| Adam | @Hexacorn | ROI-oriented DFIR/RCE consulting. Follow my priv blog about expat/travel @pickie_piggie + my wife's art/writing blog @MariNomadie |
| Michael Sikorski | @mikesiko | Malware Analyst. Triathlete. |
| David Cowen | @HECFBlog | SANS Certified Instructor, Expert Witness, Hacking Exposed Computer Forensics author and Blog author |
| Teru Yamazaki | @4n6ist | Forensic Investigator? Instructor? Researcher? |
| Jérôme Segura | @jeromesegura | Lead Malware Intelligence Analyst @Malwarebytes. |
| Nicolas Brulez | @nicolasbrulez | #Virus #HEXorcist. Armadillo PE protector co-coder. Reverse Engineering Rockstar. First REcon trainer since 2005. Ex Principal Malware Researcher at Kaspersky |
| Sarah Edwards | @iamevltwin | Mac Nerd, Forensic Analyst, @sansforensics Author/Instructor of FOR518 Mac/iOS Forensic Analysis & IR, nap aficionado, and animal cuddler. Opinions are mine. |
| Jake Williams | @MalwareJake | @RenditionSec. GSE #150. I do adversary emulation, incident response, and malware research. Let's have some adult discussions about information security! |
| x0rz | @x0rz | Security Researcher & Cyber Observer (pgp: 0xdd1190a656721c4a) |
| Alexandre Borges | @ale_sp_brazil | Malware Researcher. Instructor, Consultant and Speaker. LinkedIn: in/aleborges |
| Cindy Murphy | @CindyMurph | President-Gillware Digital Forensics, Madison WI - 'The most pathetic person in the world is someone who has sight, but has no vision.' Helen Keller |
| Jakub Kroustek | @JakubKroustek | Malware exorcist / ɘƨɿɘvɘЯ engineer / Researcher / Avast Threat Intel lead (previously AVG). My tweets are obviously mine. |
| Tim Strazzere | @timstrazz | Mobile Security Researcher and Malware Analyst, Tweets are my own not my employers |
| Kyle Hanslovan | @KyleHanslovan | Malware Connoisseur. Ethical Hacker. CEO at @HuntressLabs. Open DMs. |
| Andreas Schuster | @forensikblog | Computer forensic geek |
| Willi Ballenthin | @williballenthin | /usr/bin/nethack |
| Twitter Name | Twitter Handle | Twitter Biography |
|---|---|---|
| DEF CON | @defcon | Hacking Conference |
| DerbyCon | @DerbyCon | Welcome to DerbyCon 8.0 - 'Evolution'. A southern information security conference located: Marriott Louisville. Training: Oct 3-4, 2018 Con: Oct 5-7, 2018 |
| shmoocon | @shmoocon | ShmooCon 2018 is Jan 19-21. This account is used primarily to push information. Got questions? Email us at [email protected] |
| toorcon | @toorcon | ratio, non res |
| Security BSides | @SecurityBSides | Expanding the spectrum of conversation one event at a time. |
| RSA Conference | @RSAConference | #RSAC: Where the world talks #security |
| Black Hat | @BlackHatEvents | The World's Premier Technical Security Conferences |
| DevSecCon | @devseccon | A conference for DevSecOps, focusing on continuously secure IT solutions. |
| Twitter Name | Twitter Handle | Twitter Biography |
|---|---|---|
| Hackers For Charity | @ihackcharities | Connecting Hackers and Charities |
| The Innocent Lives | @InnocentOrg | We unmask anonymous online child predators to assist in bringing them to justice. |
| ISACA International | @ISACANews | A global association of 140,000 professionals, ISACA helps enterprises maximize the value of their information and technology. |
| SANS Institute | @SANSInstitute | SANS is the most trusted and by far the largest source for information & cyber security training, certification and research in the world. |
| (ISC)2 | @ISC2 | (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. |
| ISSA International | @ISSAINTL | Developing & Connecting Cybersecurity Leaders Globally |
| Facebook Group | Additional Information |
|---|---|
| The OSCP Study Group | When requesting to join the group, make sure to fill out the admission questions in order for your request to be considered. |
| InfoSec and IT Jobs | When requesting to join the group, make sure to fill out the admission questions in order for your request to be considered. |
| Digital Forensics and Malware Analysis | Very selective admission. When requesting to join the group, make sure to fill out the admission questions in order for your request to be considered. |
| Cisco Cyber Ops Study Group | When requesting to join the group, make sure to fill out the admission questions in order for your request to be considered. |
| Defensive Security & Purple Team Group | |
| The Scripting Guys | |
| Hack In The Box (HITB) | |
| Python Developers |
| LinkedIn Community | Additional Information |
|---|---|
| ISACA (Official) | This official ISACA group welcomes ISACA members and nonmembers to share expertise and learn about the latest IT-related business issues. |
| Information Systems Security Association (ISSA) Discussion Forum | The ISSA is a not-for-profit, international organization of information security professionals and practitioners. Note: Membership to this LinkedIn group does not signify current membership status with the ISSA. |
| Governance, Risk and Compliance Management (GRC) | This community is focused around the core domains of governance, risk, and compliance. Members of this group are highly respected and well-placed professionals across industry sectors from around the world. |
| CYBER SECURITY Forum Initiative - CSFI | MISSION: To provide guidance and solutions to the private sector in the protection of critical civilian networks against cyber warfare related activities, through collaboration with universities, and the information security industry. |
| Convention | Website | Nearby Accommodations | Additional Information |
|---|---|---|---|
| DEF CON | https://www.defcon.org | Hotels in Area | |
| DerbyCon | https://www.derbycon.com | Hotels in Area | |
| ShmooCon | http://shmoocon.org | Hotels in Area | |
| ToorCon | https://sandiego.toorcon.net/ | Hotels in Area | |
| RSA | https://www.rsaconference.com/events/us18 | Hotels in Area | |
| Black Hat | http://www.blackhat.com | Hotels in Area | |
| Security BSides | http://www.securitybsides.com/w/page/12194156/FrontPage | Multiple locations. |
I think it's fair to assume that most of us in the Information Technology, Computer Science, and Information Security industry are nerds. It's okay if you're not - but you're missing out! If you plan on hanging around the Information Security community very much at all, you'll quickly become acquainted with a term known as "Nerdcore." Even more quickly if you attend any of the conventions. No Information Security post would be complete without at least some sort of shout out to Nerdcore, and my Nerdcore friends YTCracker and Int80 (of Dual Core), and the many other talented Nerdcore artists out there.
I'll let you research this topic further, but I have to leave you with at least one link:
Good luck out there in the community, hackers. Hack all the things (as long as you have permission to do so. ;))!