Today, I thought I would post great resources for information. If you want to be good at security, it means you need to be well read.
Here are the top five web application security blogs in no particular order.
- Jeremiah Grossman - Probably the most read web application security blogger. Jeremiah reads all of the material so you don't have too.
- Rsnake / Robert Hansen - The other most read web application security blogger. Interesting Note: Graduated my alma mater.
- Holistic InfoSec - Russ McRee's blog. Russ puts people on the stove. He posts are controversial and exciting. According to ISS, Russ was one of the Top Vulnerability Discoverers in 2008. Keep an eye on him, it is interesting to see what he will do next.
- Billy Rios - Also known as the XS-Sniper! Billy is behind some of the most innovative research as of late. He is the man behind Gifars and URI overflows. He is also known to smuggle olives on occasion.
- Nitesh Dhanjani - Although he covers a wide range of topics outside of web application security, Nitesh continually blogs about topics that are thought-provoking.
