Errata Security is always a terrific read, with opinionated, smart posts on all things security, and a big focus on government surveillance.
blogs about cryptography, secure protocols, privacy and anonymity in a relatable but still intelligent way.
He’s a Microsoft MVP for Developer Security, so you can be sure it gets technical on Troy’s blog. He writes mostly about improving security within development and drills down on important security concepts.
Ircmaxwell is a must-read for both developers and anyone working to develop secure software.
A programmer turned security guru, Graham is a prolific blogger (and tweeter!), both on his site and on security sites around the web.
Chris Hoff (@beaker) isn’t a daily writer, but offers great value when he does get the chance to post. And as VP of Strategy and Planning at Juniper Networks and founding member and technical advisor of the Cloud Security Alliance, we can forgive him for posting when he gets the chance. In addition to the blog, check out Chris’s page of presentations and papers for a bonus resource.
Application security expert and author, Ivan (@ivanristic) has established himself as a thought leader on SSL and web application firewalls and blogs about once a month, mostly on those topics. Ivan’s guide on mitigating POODLE last year is a great example of the actionable posts you can expect from his blog.
A household name in security and cryptography, Bruce’s blog is teeming with his take on the most relevant topics in the industry.
Interested in honing in on your offensive as well as defensive security skills? Look no further – Xavier is here! Xavier Mertens (or @xme if you’re more of a tweeter than a reader) is an independent security consultant who blogs about issues he’s currently dealing with along with other technical insights.
Since 2005, Russ McRee has written extensively on information security, offering readers effective advice and useful resources. Russ is Director of OSG Security Response and Investigations, giving him a bevy of research and other brilliant minds with which to blog on and about.
Blogging about InfoSec trends to more technical malware write-ups, Lenny’s blog is a wealth of InfoSec centered data. Those interested in cloud security, incident response and malware will get tons of value out of Lenny’s articles.