Top Infosec Pros To Follow For Advanced Security Knowledge
In today’s rapidly growing Information Security industry, reading quality content daily can help professionals stay up to date on what’s happening. Here are some of our favorite pros, researchers and advocates to follow to gain advanced InfoSec skills.
1/ Don Donzal of The Ethical Hacker Network
As a firm believer in lifelong education, Don is an advocate of industry certifications as a baseline of knowledge, while also ever-mindful of the fact that true career advancement comes with experience and sharing with others. For this reason, he created The Ethical Hacker Network. He will continue to preach the wonders of technology through a combination of writing, speaking, studying and, of course, working. Later on, in November 2017, Don and The Ethical Hacker Network became part of the eLearnSecurity family.
Why we like it? Because EH-Net is a free online magazine for security professionals with an active community ready and willing to help your career. All EH-Netters can network with other professionals, write their own blog articles based on their experience, establish their personal brand, attend high-quality webinars with industry leaders, and much more.
2/ Chloe Messdaghi of Bugcrowd
Chloe Messdaghi is a Security Researcher Advocate and PM at Bugcrowd. Since entering the cybersecurity space, she has seen security as a humanitarian issue. Her humanitarian work includes advising as a UN Volunteer and serving as a board member for several humanitarian organizations. Chloé is also one of the WIST founders, heads the WIST SF Chapter, mentors and advocates for inclusion in InfoSec, and founded a nonprofit called Drop Labels.
Why do we like it? Because Bugcrowd harnesses the power of a global community of security researchers to surface critical software vulnerabilities, and its blog is full of free tips and resources for aspiring security researchers (of all levels!).
3/ Erich Kron of KnowBe4
Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec.
Why we like KnowBe4? Because they provide Security Awareness Training to help organizations and professionals manage the IT security problems of social engineering, spear phishing and ransomware attacks. Additionally, with Kevin Mitnick, the mid-nineties “World’s Most Wanted Hacker”, as Chief Hacking Officer, KnowBe4’s blog is a great source of quality content for security pros who want to learn about Social Engineering and how to spot this type of attack.
4/ Joshua Saxe of Sophos / Naked Security
Joshua Saxe is Chief Data Scientist at Sophos and the author of “Malware Data Science”. His interests include machine learning, data visualization, neural networks, research design / management, transitioning research prototypes into products, and team building. You can find him on Twitter @joshua_saxe.
Why we like Sophos & Naked Security? This award-winning security news, opinion, advice and research blog covers a large range of topics from InfoSec to AI and Data Science, perfect for those who want to stay up-to-date about daily security news, and discover new security topics.
5/ Jacob Holcomb of Independent Security Evaluators (ISE)
Jacob Holcomb (AKA Gimppy on Twitter) is the principal researcher on several pieces of ISE research, including the landmark publication SOHOpelessly Broken, which discovered over 50 new 0-day vulnerabilities in network routers and served as the foundation for the first-ever router hacking contest at DEFCON. He is skilled in penetration testing, application security, network security, and exploit research and development. A highly regarded speaker, he has presented at security conferences such as BlackHat USA, BlackHat Europe, DEFCON, DerbyCon, BSidesDC, and many others. In addition to projects at work, coding, and his favorite pastime of EIP hunting, Jacob loves to hack his way through the interwebz and has responsibly disclosed dozens of 0-day vulnerabilities in commercial products and services.
Why we like ISE? Because it resolves technology vulnerabilities through rigorous analyses to protect its clients’ digital assets by providing expert, objective, and targeted interventions. Additionally, they head the IoT Village at DefCon and are a source of expert advice and tricks on how to break into IoT devices. How fun!
6/ Jason Haddix of Bugcrowd
Father, hacker, educator, and VP of Researcher Growth at Bugcrowd, Jason’s interests and areas of expertise include mobile penetration testing, black box web application auditing, network/infrastructure security assessments, wireless network assessment, binary reverse engineering, and static analysis.
Why do we like him? Aside from the fact that he has never been seen without a smile, we just love his detailed (and free) Bug Hunter’s methodology that gets you one step closer to making big bucks.
7/ Christopher Hadnagy of Social-Engineer
Chris is the founder and CEO of Social-Engineer LLC. With over 16 years’ experience as a practitioner and researcher in the security field, his efforts in training, education, and awareness have helped to expose social engineering as the top threat to the security of organizations. Chris established the world’s first social engineering penetration testing framework at www.social-engineer.org, providing an invaluable repository of information for security professionals and enthusiasts.
Why we like him? Because Chris is a sought-after writer and speaker, who has spoken and trained at events such as RSA, Black Hat, and various presentations for corporate and government clients. He is also the best-selling author of four books: Social Engineering: The Art of Human Hacking, Unmasking the Social Engineer: The Human Element of Security, Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails and the just released Social Engineering: The Science of Human Hacking.
8/ MacKenzie Brown
MacKenzie Brown brings both technical and research experience to her position as an Enterprise Incident Management Consultant, where she focuses on providing clients with proactive and reactive services in order to assess their incident response capability, effectively navigate through breaches, and ultimately design a strategic program road-map for improved overall posture maturity.
Why we like her? She is a member of many information security community associations and regularly contributes to security organizations, has been regularly published writing on topics specific to business needs in cybersecurity, and has founded an Idaho non-profit, The Ms. GreyHat Organization, that focuses on transforming the culture of cybersecurity through the empowerment of women and initiatives for developing early year cybersecurity education.
9/ Rey Bango of Microsoft
A web developer in a previous life, Rey Bango is now a Security Advocate at Microsoft. He has since taken an interest in information security, especially appsec, and wants to help build more secure experiences.
Why we like him? Because he’s a fresh source of quality cyber security content and he’s the proof anybody can shift to a career in InfoSec with the right dose of hard work, passion, and dedication. Learn more about how he went from Dev to InfoSec here.
10/ Ellie Daw of Accenture
On the technical side, Ellie Daw has spent the last couple of years working as a software engineer on crypto and network protocol libraries. She believes there is always more for her to learn, but understands the importance of letting loose, too!
Why we like her? She is passionate about diversity in tech and giving back, innovation and experimentation, and bringing security and good user experience together. She has been heavily involved in teaching cryptography to professionals as well as developing cryptography workshops for youth cybersecurity education initiatives.
She is an active part of The Ethical Hacker Network and you can find her crypto series “Ease me into cryptography” here.
11/ Adrian Sanabria of NopSec
Adrian Sanabria spent a decade building security programs and defending large financial firms. He also spent many years as a consultant, performing penetration tests, PCI audits and other security-related assessments. Adrian learned the business side of the industry as a research analyst for 451 Research, working closely with vendors and investors.
Why we like him? Adrian is an outspoken researcher who doesn’t shy away from uncomfortable truths. He loves to write about the industry, tell stories and still sees the glass as half full. He can also be found on Twitter @sawaba.
12/ Anton Chuvakin of Gartner
Now VP & Distinguished Analyst at Gartner, Anton is also the author of “Security Warrior”, “Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management” and “PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance” (book website) and a contributor to “Know Your Enemy II”, “Information Security Management Handbook” and others.
Why we like him? His blog “Security Warrior” was one of the most popular in the industry. In addition, Anton teaches classes and presents at many security conferences across the world; he has addressed audiences in the United States, UK, Australia, Singapore, Spain, Russia and other countries.
Got a favorite Security Advocate, Researcher, or Blogger? Let us know in the comment section and we’ll add them to the list!
Aspiring to discover the world of Information Security and learn the right Penetration Testing skills to get a first job in this field? Join us for the launch of our Penetration Testing Student training course version 4, PTSv4, coming this May 21, 2019, at 1 pm EST. Amazing deals and prizes are waiting for all attendees!