Infosec Blogs/Podcasts

This section of the web site provides a list of security blog and podcast resources that are based around the Northern Virginia (NoVA), Maryland, or Washington, DC areas. If there are any mistakes or information we should add, please let us know through our Contact Us form.

The following are some recent posts regarding local security blogs and podcasts. Look for a complete list of all event-related posts on the Infosec Blogs/Podcasts category page.



We have a lot of information security blogs in our area. See below for many of the most popular ones. Also we’ve combined all the feeds from the following blogs into a single consolidated one so you can easily keep track of everything. Check it out at

  • No this isn’t the official Blackhat site … instead it’s the blog of Jason M. Oliver, a local security evangelist and technology innovator. This is where he shares his ideas and hyperlinks.
  • Brinkmasterj: Joe Brinkley runs this blog that focuses on a range of security technologies.
  • Carnal0wnage Blog: Chris Gates blogs about Windows and web security. Chris has also been a presenter at security conferences in the past. Joining Chris is Ken Johnson, who writes about tips and tricks for appsec testing, opinions, and code that may help somebody out.
  • Darth Null: David “@schuetzdj” Schuetz maintains this personal blog where he periodically puts out some of his geeky ideas and ramblings that he would like to share with others.
  • ElectricFork: Ben “@electricfork” Miller puts out this little collection of interesting notes and brainstorms on protecting from, detecting of, and responding to badness. Ben also organizes a small infosec meetup in Baltimore called CharmSec. See our NoVA Meetups page for more information on this event.
  • Georgia’s Infosec Blog: Formerly the blog at, come here for a blog of Georgia’s infosec exploits from CVE to world travel.
  • How is that Assurance Evidence?: Chris Burton runs this blog. I think its name says it all! Chris has been in the Information Technology field for the last 10 years, and has been working with Info Security, Info Assurance, Policy and Compliance for around 7 of those 10 years. He’s worked with large and small organizations primarily with Federal policy, regulations and guidance.
  • Jack Mannino: Since you don’t know Jack, you may want to check his blog out. 🙂
  • Jack Whitsitt: Art and Security in Washington, DC: A very interesting take on security… Jack’s tag line is “An Artist’s take on National Critical Infrastructure Protection, Enterprise Architecture, Information Security, (and some art)”. Don’t see too many security blogs like that.
  • Based on his blog’s catch-phrase, Rob Fuller (a.k.a. Mubix) “drones on mindlessly about the his experience in security.”
  • Security Musings: Peter Hesse runs his company blog, which provides a lot of useful advice and learning.
  • Shpantzer on Security: Focused on Information Security, with occasional coverage of physical security, terrorism, information warfare and other related items.
  • Social Hacking: Joey “@theharmonyguy” Tyson, a security engineer at Gemini Security Solutions, runs this blog that primarily covers privacy and security issues in online social networking applications.
  • TaoSecurity: Richard Bejtlich’s main blog. Nuff said.
  • The Cuckoo’s Egg: This blog is run by Ned Moran. In his spare time he is an Adjunct Professor in the Computer Science Department at Georgetown University in Washington, DC. This blog chronicles their class discussion and applies theories of Information Privacy and Security to everyday events.
  • The Falcon’s View: Ben Tomhave left our area for a while but now he’s back. He describes his blog as the “mental meanderings of an infosec obsessive…”
  • The Guerilla CISO: Michael Smith describes his blog as “The concept behind The Guerilla CISO is a bit of BOFH, a bit of ranting, and a bit of “do it this way because it works”. In other words, exactly what I would give somebody in person, and pretty typical blog fare.”


  • Compute Cycle: Brett Thorson has been running this little podcast since early 2011. In 5 minutes or less Brett discusses computer security and technology news.
  • Cyberspeak Podcast: Hosted by two formal federal agents who investigated computer crime, this podcast covers computer security, crime, and forensics. There’s always a slight undertone of something about our local area in Bret and Ovie’s banter – whether it be about traffic, local communities, or weather.
  • Hak.5: Hak.5 is a weekly video podcast for the hacker, modder and do-it-yourselfer. Hosted by Darren Kitchen, Matt Lestock, and Shannon Morse, the show is a hybrid of technology and geek humor. NoVA’s very own Rob Fuller (see above) makes periodic guest appearances.
  • Healthy Paranoia: In this spin-off of the popular Packet Pushers podcast, NoVA native Michele “@MrsYisWhy” Chubirka leads this very entertaining weekly podcast that discusses the practical issues in security. This mean focusing more on the “build it” and less on the “break it” aspects of security.
  • SecuraBit: Currently residing in in the metro-DC area, Chris “@secbitchris” Gerling leads a set of rotating co-hosts in this popular podcast that discusses information security news, technical topics, and more. Several of the co-hosts and repeating guests hail from the DC area, including Rob “@mubix” Fuller and Jason “@SecuraBit_Jay” Mueller.

7 comments for “Infosec Blogs/Podcasts

  1. September 2, 2011 at 5:17 pm

    Great post, I love reading your content

  2. Tyler
    October 31, 2011 at 10:24 am

    Hey, great list! Can we get some love for the InfoSec Daily (ISD) Podcast? Rick Hayes, Karthik, Boris and the rest of the guys run it every Mon-Fri at Good stuff!

  3. December 24, 2011 at 8:21 am

    Thanks for the list brother. It’s my hobby to read other ideas from other information security blogs. I’m also maintaining a security blog and mind you it’s quite fun since you are able to meet people who are also interested in the same field.

  4. March 19, 2013 at 6:08 pm

    Thanks for giving me some great lunchtime reading this week.

    BTW Commenter Tyler, the ISD has now wound up, it was certainly a great podcast. Boris has a new one called Grumpy Sec, a bit EL’ish but nonetheless that means fun. Risky Business is probably the best InfoSec Podcast out there. Seems a lot of the good ones are winding up, or running out of steam. I would welcome any sec podcast suggestions if that could be expanded

  5. March 19, 2013 at 10:18 pm

    HaQue: Yeah, I need to do a fresh on this page. Thanks for the comment.

  6. sckain
    January 20, 2014 at 8:24 am

    Primal Security: is also a new “locally sourced” podcast that is developing nicely.

  7. January 20, 2014 at 8:49 am

    Nice! Will have to add it to my play list. Thanks for the addition.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.