└── README.md
/README.md:
--------------------------------------------------------------------------------
1 | 
2 |
3 | # Security Research Blogs
4 | ####
5 |
6 |
7 | A list of the best cybersecurity research related blogs.
8 | ----
9 |
10 |
11 |
12 |
13 |
14 | + [Watchtowr Labs](https://labs.watchtowr.com/)
15 | - watchTowr Labs is the epicentre of offensive security expertise at watchTowr; injecting offensive security insight, innovation and research into the watchTowr Platform.
16 | - This blog captures research shared by members of watchTowr Labs.
17 |
18 |
19 | + [Palo Alto Unit 42](https://unit42.paloaltonetworks.com/)
20 | - Unit 42 by Palo Alto Networks offers cybersecurity services, threat research, and resources, including incident response, risk management, and intelligence reports.
21 |
22 |
23 | + [Cisco Talos Blog](https://blog.talosintelligence.com/)
24 | - The Cisco Talos blog provides in-depth analysis of the latest cybersecurity threats, vulnerabilities, and malware, offering insights into threat actor activities and defense strategies. It serves as a resource for security professionals seeking to understand and mitigate emerging cyber risks.
25 |
26 |
27 | + [Horizon3.AI](https://horizon3.ai/category/attack-research/)
28 | - Horizon3.ai's attack research section focuses on providing insights into attack paths and vulnerabilities.
29 | - The site offers resources like blogs and webinars, covering topics from credential attacks to ransomware, and provides solutions for compliance and security strategies.
30 |
31 |
32 | + [Black Hills Information Security Blog](https://www.blackhillsinfosec.com/blog/)
33 | - The BHIS blog offers insights into various cybersecurity topics, including
34 | + AI in penetration testing
35 | + Mobile application security
36 | + Android rooting
37 | + Communicating security to executives
38 | + Memory forensics
39 | + AI hacking
40 | + Cyber deception tools.
41 | - A GREAT resource for security professionals seeking to enhance their knowledge and skills in diverse areas of cybersecurity.
42 |
43 |
44 | + [Aqua Security Blog](https://www.aquasec.com/blog/)
45 | - The Aqua Cloud Native Blog provides expert insights and best practices on cloud native security, trends, threat intelligence, and compliance.
46 |
47 |
48 | + [Google Project Zero](https://googleprojectzero.blogspot.com/)
49 | - The Google Project Zero blog provides news and updates from Google's Project Zero team, including information about the team, working at Project Zero, 0-day vulnerabilities, exploit root cause analyses, and a vulnerability disclosure FAQ.
50 |
51 |
52 | + [Trellix Research Blog](https://www.trellix.com/blogs/research/)
53 | - Trellix's research blog provides insights into the latest cybersecurity trends, threats, and research, covering topics such as malware analysis, vulnerability disclosures, and threat actor behavior.
54 | - Resource for security professionals seeking to stay informed about emerging cyber risks and defense strategies.
55 |
56 |
57 | + [Sekoia Threat Research & Intelligence](https://blog.sekoia.io/category/threat-research/)
58 | - Provides cutting-edge insights in CTI and SOC, with articles analyzing threats like ViciousTrap honeypots, Interlock ransomware, and ClearFake malware.
59 | - Also covers topics such as multi-stage infection chains, Lazarus ClickFake tactics, and phishing kits targeting Microsoft 365 accounts.
60 |
61 |
62 | + [Huntress Blog](https://www.huntress.com/blog)
63 | - The Huntress Cybersecurity Blog aims to keep readers informed about cybersecurity advancements and help them stay ahead of hackers.
64 | - It offers engaging and accessible cybersecurity research, anaylsis, and education.
65 |
66 |
67 | + [Akamai Security Research Blog](https://www.akamai.com/blog/security-research)
68 | - Insights and intelligence from the Akamai Security Intelligence Group on the latest cybersecurity research and trends, providing resources and articles on topics like web application security, vulnerability detection, and malware analysis.
69 | - Aims to equip defenders with real-world strategies to safeguard their systems and stay informed about emerging threats.
70 |
71 |
72 | + [EclecticIQ Blog](https://blog.eclecticiq.com/)
73 | - The EclecticIQ Blog's purpose is to empower cyber defenses with threat intelligence. It provides products like Threat Intelligence Platform and Feeds, and resources like a library, use cases, and a learning hub. The site also features a blog with articles on intelligence research and product updates.
74 |
75 |
76 | + [Project Discovery Blog](https://projectdiscovery.io/blog)
77 | - The ProjectDiscovery blog covers a range of topics relevant to cybersecurity professionals, including vulnerability research, Nuclei templates, vulnerability management, and bug bounty etiquette.
78 |
79 |
80 | + [CheckPoint Research Blog](https://research.checkpoint.com/)
81 | - CheckPoint Research Blog includes the latest publications, podcast channel, intelligence reports, and resources related to cyber threats, malware research, and AI security.
82 | - It also provides tools like Sandblast file analysis and a live cyber threat map.
83 |
84 |
85 | + [c/side Blog](https://cside.dev/blog)
86 | - Features industry news, insights, and resources, including research on compromised websites and partnerships for PCI compliance, and covers topics such as client-side attacks, data breaches, and security solutions.
87 | - It also discusses PCI DSS compliance, offering solutions and insights into meeting its requirements, and highlights various cybersecurity threats and vulnerabilities
88 |
89 |
90 | + [Infoblox Threat Intelligence Blog](https://blogs.infoblox.com/category/threat-intelligence/)
91 | - A leading creator of original DNS threat intelligence through its deep understanding, unique access, and proactive approach to disrupting cybercrime.
92 | - They share knowledge with the broader security community by publishing detailed research and releasing indicators on GitHub.
93 | - Includes articles on topics such as
94 | + Investment scams
95 | + Malicious adtech
96 | + Phishing
97 | + Adversarial GenAI
98 |
99 |
100 | + [DomainTools Research Blog](https://dti.domaintools.com/category/research/)
101 | - The research section includes articles on deceptive browser extensions, malware distribution, cybercrime, phishing campaigns, disinformation, and account trafficking.
102 |
103 |
104 | + [Acronis Cyber Protection Center Blog](https://www.acronis.com/en-us/cyber-protection-center/)
105 | - Provides cyber protection solutions for various users, including service providers, businesses, enterprises, and home users.
106 | - The site also provides resources, support, and a partner program to help users and partners in the field of cyber protection.
107 | - Features updates and insights on cyberthreats
108 |
109 |
110 | + [DataDog Security Labs](https://securitylabs.datadoghq.com/)
111 | - Features articles and research on cloud security, emerging threats, and vulnerabilities.
112 | - Includes categories for exploring articles on emerging threats, vulnerabilities, research, open-source software, and writing.
113 |
114 |
115 | + [Socket Research Blog](https://socket.dev/blog/category/research)
116 | - Provides research news and updates, particularly focusing on security issues within various package ecosystems like npm and PyPI.
117 |
118 |
119 | + [ZeroDay Labs](https://zerodaylabs.net/)
120 | - ZeroDay Labs is an independent publication and gear hub at the intersection of cybersecurity, emerging technology, and ethical exploitation. We publish sharp, real-world insights that go beyond the surface
121 |
122 |
123 | + [Qualys Vulnerability and Threat Research Blog](https://blog.qualys.com/vulnerabilities-threat-research)
124 | - Provides insights into cybersecurity, focusing on vulnerabilities, threat analysis, and risk reduction.
125 | - It offers resources like the Qualys Detection Score (QDS) to prioritize threats, and emphasizes the importance of understanding real-world risks, patch management, and proactive security strategies.
126 | - Discusses specific vulnerabilities, threat actors, and provides guidance on how to mitigate risks.
127 |
128 |
129 | + [ESET We Live Security Blog](https://www.welivesecurity.com/en/eset-research/)
130 | - Features articles, blog posts, podcasts, white papers, and threat reports on various digital security topics.
131 |
132 |
133 | + [Veracode Threat Research](https://www.veracode.com/blog/?_blog_category=malware%2Cresearch)
134 | - Focuses on malware and research, offers insights and articles on application security, software security, and related topics.
135 | - It provides resources for developers and security professionals to enhance their understanding and practices in securing software.
136 |
137 |
138 | + [ReliaQuest Blog](https://reliaquest.com/blog/)
139 | - Platform to share its expertise and insights on security operations, threat intelligence, and cybersecurity trends.
140 | - Features articles on topics such as...
141 | + Threat research
142 | + Analyses of various attack campaigns and vulnerabilities
143 | + Strategies for improving security operations
144 | + Perspectives on the broader cybersecurity landscape
145 | - The blog aims to educate and inform security professionals on how to better defend against evolving cyber threats.
146 |
147 |
148 | + [FortiGuard Labs Threat Research](https://www.fortinet.com/blog/threat-research)
149 | - Provides insights into the latest cybersecurity threats, vulnerabilities, and malware.
150 | - It offers analysis of emerging threats, reports on malware campaigns, and research on vulnerabilities in various systems.
151 | - Aims to inform security professionals and organizations about potential risks and provides strategies for mitigating them.
152 |
153 |
154 | + [Rhino Security Labs Technical Blog](https://rhinosecuritylabs.com/blog-technical/)
155 | - Provides in-depth information on penetration testing, cloud security, and vulnerability research, often focusing on AWS, GCP, and Azure environments.
156 | - Includes articles on...
157 | + Vulnerabilities
158 | + Attack methods
159 | + Tools used in penetration testing
160 |
161 |
162 | + [White Knight Labs Blog](https://whiteknightlabs.com/blog)
163 | - Industry News
164 | - Original Research & Thought Leadership
165 | - Cyber Security Techniques
166 |
167 |
168 | + [Star Labs Blog](https://starlabs.sg/blog/)
169 | - Research articles from many different aspects of cybersecurity vulnerabilities
170 |
171 |
--------------------------------------------------------------------------------