Twitter is the platform for noodling through witty opinions best served in 280 characters or less. But it's also a platform for security reports, bug disclosures and memes only infosec professionals will laugh at.
Different Twitter universes exist for different reasons, and that separation of subject matter is key for filtering out noise unrelated to pressing security matters. Among those valued accounts are the ones belonging to cybersecurity professionals.
While often full of industry insider jokes, security researchers on Twitter have something to offer many other accounts don't have — a voice of dutiful skepticism.
Here are the top 10 security Twitter accounts to follow in 2018 and beyond:
1. Lenny Zeltser: @lennyzeltser
Description: "Advances information security. Grows tech businesses. Fights malware. // VP of Products @MinervaLabs. Author and Instructor @SANSInstitute."
Why follow? Zeltser has an impressive array of followers in the cybersecurity community, like Symantec, Brian Krebs and the Malware Unicorn. His profile is a reflection of his interests, which span the security landscape, from hacking a Mac to decoding malicious scripts.
The illusion of invulnerability in cybersecurity, which applies more to professionals than to other people: https://t.co/dnBTeClyAu— Lenny Zeltser (@lennyzeltser) September 29, 2018
2. Paula Piccard: @Paula_Piccard
Description: "Proud #Startup Owner. Multilingual #NewYork-er. #WomeninTech & #Cybersecurity Advocate. #DigitalMarketing Guru & #SocialMedia#Influencer. @Spotrus_"
Why follow? Piccard’s Twitter is a hotspot for security and tech news for today. She tweets and retweets stories regarding trends for smart cities, humanizing AI and a mini robot successfully riding a bicycle. It’s a live feed for top concerns and curiosities.
Whether you call it Social Engineering or phishing, the perpetrators of cyber scams are becoming increasingly sophisticated. Link >> https://t.co/xQPBzY67Re @raconteur via @antgrasso #CyberSecurity #Malware— Paula Piccard ???????? ???????? (@Paula_Piccard) October 8, 2018
cc: @digitalcloudgal @IIoT_World @Info_Data_Mgmt @cybersecboardrm pic.twitter.com/qN9GzGcpSY
3. SwiftOnSecurity: @SwiftOnSecurity
Description: "I talk systems security, author https://DecentSecurity.com + http://GotPhish.com , write Scifi, sysadmin, & use Oxford commas. Kinda prefer they/them. MSFT MVP."
Why Follow? Aside from having a profile pasted with Taylor Swift images, SwiftOnSecurity is an account equal parts industry humor and detailed accounts of cyber-specific events.
We sit on a throne of lies pic.twitter.com/EtNreSvjXl— SwiftOnSecurity (@SwiftOnSecurity) September 29, 2018
4. Adam Levin: @Adam_K_Levin
Description: "Author of #SWIPED: How to Protect Yourself in a World Full of Scammers & Identity Thieves. http://Credit.com Founder of @CyberScout. RTs not endorsements"
Why follow? Levin's Twitter account is like a news feed dedicated specifically to cybersecurity. He rarely derails from security, but manages to offer some subtly colorful opinions on the security news of the day.
.@nytimes As usual, when the federal government fails to protect consumers, California steps up. CA is trying to protect net neutrality, the DOJ says "Think again!" https://t.co/IFhtCjQneP— Adam Levin (@Adam_K_Levin) October 1, 2018
5. Magda Chelly: @m49D4ch3lly
Description: "Cyberfeminist and founder of Woman In Cyber | MD @R3sp_Cyb3r | PhD, CISSP | Cyber Passionate #cybersecurity#womanincyber #cyber"
Why follow? Chelly's tweets align with the industrywide consensus that diversity in cybersecurity is needed. Her posts highlight the day-to-day experiences and routines of working in the infosec world.
Addressing #cybersecurity and #privacy challenges within the #blockchain community in Kuala Lumpur, Malaysia today with @NEMofficial and @WomenWhoCode ???? - great crowd and awesome exchange #digital #technology #entrepreneur #security #women pic.twitter.com/dt5ZIm4FZ0— Magda CHELLY, CISSP (@m49D4ch3lly) September 24, 2018
6. Brian Krebs: @briankrebs
Description: "Independent investigative journalist. Writes about cybercrime. Author of 'Spam Nation', a NYT bestseller. Wrote for The Washington Post '95-'09"
Why follow? Krebs is an aficionado of cybersecurity is always a recommenced account follow. Krebs often has some insight into a major security story and his tweets are unapologetically confident and informative. Always.
Being in infosec for so long takes its toll. I've come to the conclusion that if you give a data point to a company, they will eventually sell it, leak it, lose it or get hacked and relieved of it. There really don't seem to be any exceptions, and it gets depressing.— briankrebs (@briankrebs) September 26, 2018
7. Daniel Miessler: @DanielMiessler
Description: "sᴇᴄᴜʀɪᴛʏ | ᴛᴇᴄʜɴᴏʟᴏɢʏ | ʜᴜᴍᴀɴs"
Why follow? Miessler boasts an impressive list of followers including Brian Krebs, Gartner and former President Barack Obama. His account features content helping those in the infosec space and he also posts content relatable to the everyday consumer, like the growth of cybersecurity in connected cars.
A summary of a post of mine about Privacy, from back during the FBI backdoor debate. pic.twitter.com/GXgMXwwA73— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ (@DanielMiessler) September 17, 2018
8. MalwareTech: @MalwareTechBlog
Description: "Malware Researcher, Programmer, WannaCry Killer, Sort of US Resident. Follow @MalwareTechLab for research. Patreon: https://www.patreon.com/MalwareTech"
Why follow? MalwareTech has a colorful way of covering some pretty grave cybersecurity concerns. This Twitter account is catered for seasoned malware experts and a hub for licensing advice and coding insights.
Using Tor is like riding around in a bulletproof car. Using Tor Browser is like riding around in a bulletproof car with the person sent to kill you.— MalwareTech (@MalwareTechBlog) September 26, 2018
9. Raj Samani: @Raj_Samani
Description: "Chief Scientist @McAfee | @cloudsa Chief Innovation Officer | Co-author of @CyberGridBook & CSA Guide to Cloud | Advisor on Internet Security @EC3Europol"
Why follow? Samani has some notable followers and an unabashed passion for cybsersecurity. His account outlines threats and warnings ranging from the Torii botnet to insightful tech progress in blockchain tagging systems.
"DanaBot activity using an "affiliate ID" that we have observed in various part of the C&C protocol (e.g., offset 0xc of the 183-byte binary protocol header). At the time of publication, we observed the following affiliate IDs" https://t.co/gTuNYVDFCM #malware #cybersecurity pic.twitter.com/qKunr1rZDo— Raj Samani (@Raj_Samani) October 3, 2018
10. Scott Helme: @Scott_Helme
Description: "Hacker, researcher, builder of things. Founded @securityheaders and @reporturi, Pluralsight author, BBC hacker in residence, award winning entrepreneur."
Why follow? Helme's profile can read as a play-by-play of current security concerns, often taking his followers through a rundown of outages or his reactions to brow-raising events.
Tracked the US gov Privacy Shield site down to expiration, currently offline and serving the wrong cert now: https://t.co/G9BvbVAm7q pic.twitter.com/6e02EwCUO1— Scott Helme (@Scott_Helme) September 29, 2018