- CSO from IDG
- Dark Reading
- Hack in the Box
- Paul's Security Weekly
- SC Magazine
- We Live Security
- Hacks4Pancakes
- V3 from Incisive Business Limited
- Krebs on Security
- threatpost
- The Register
- Naked Security
- Detectify Blog
- Security Shizzle — Inti De Ceukelaire
- fin1te: Bug Bounty Participant
- maKthePla.net
- Security & Code Blog
- >_VYSEC
- PWNHACK
- Philippe Harewood
- ARNE SWINNEN'S SECURITY BLOG
- NahamSec.com
- Daniel LeCheminant
- We Hack People
- IT-Securityguard Blog
- The misunderstood X-XSS-Protection
- Bug Bounty Findings by Meals
- Respect XSS
- Graceful Security!
- Fooling the Interpreter
- Klikki Oy
- Security-Shell
- { Better } Hacker
- [Netflix Tech Blog (Not 100% security focused)] (http://techblog.netflix.com/)
- [Troy Hunt Blog] (https://www.troyhunt.com/)
- [Securosis Blog] (https://securosis.com/blog)
- [Cigital Blog] (https://www.cigital.com/blog/)
- [Security Week] (http://www.securityweek.com/)
- [Securify Blog] (https://www.securify.nl/blog.html)
- [Fastly Security Blog] (https://www.fastly.com/blog/category/security)
- [Dinis Cruz Blog - Application Security] (http://blog.diniscruz.com/)
- Hack 'n' Slash
- Cybrary
- Hacksplaining
- Infographic -- Cyber Kill Chain [Deadlink?]
- Bugcrowd Tutorials
- Slideshow -- 5 Tools for Better Code Security
- Texas A&M Free Online Courses
- [Structuring the Chief Information Security Officer (CISO) Organization] (https://insights.sei.cmu.edu/sei_blog/2016/02/structuring-the-chief-information-security-officer-ciso-organization.html)
- [Open Security Architecture] (http://www.opensecurityarchitecture.org/cms/)
- Hack Forums
- XSS Game
- KaliLinux.co
- Armitage (fast and easy hacking)
- Cyber Training 365 -- Paid resource
- [OWASP] (https://www.owasp.org/index.php/Main_Page)
- [Angular Security Guide] (https://docs.angularjs.org/guide/security)
- [SafeCode Security Training] (https://www.youtube.com/playlist?list=PLgiLlNCU6s9eeasnGXAMZj825uU6s7Nje)
- [Mozilla SSL Configuration Generator] (https://mozilla.github.io/server-side-tls/ssl-config-generator/)
- [Mozilla Web Security Guide] (https://wiki.mozilla.org/Security/Guidelines/Web_Security)
- [C++ Coding Guide] (https://github.com/isocpp/cppcoreguidelines)
- [CERT Secure Coding Guides (C,C++,Android,Java,Perl)] (https://www.securecoding.cert.org/confluence/display/seccode/SEI+CERT+Coding+Standards)
- [SANS Top 25 Coding Errors] (https://www.sans.org/top25-software-errors/)
- [Building Security In Maturity Model (BSIMM)] (https://www.bsimm.com/)
- [OpenSAMM (Software Assurance Maturity Model)] (http://www.opensamm.org/)
- [Microsoft Security Development Lifecycle - Waterfall] (https://www.microsoft.com/en-us/sdl/)
- [Microsoft Security Development Lifecycle - Agile] (https://www.microsoft.com/en-us/SDL/Discover/sdlagile.aspx)
- [Securing DevOps] (https://www.manning.com/books/securing-devops)
- Pentester Academy
- DDoS Hacking Forum [Deadlink?]
- Hack Yourself First -- PluralSight
- Pentest Bookmarks
- [Vulnerable Node] (https://github.com/cr0hn/vulnerable-node)
- [pwnableweb] (https://github.com/Matir/pwnableweb)
- Webgoat
- [OWASP-VWAD] (https://github.com/OWASP/OWASP-VWAD)
- Smash The Stack
- Crypto Pals
- Cobalt Strike
- [Apple Security Certifications & Guidance] (https://support.apple.com/en-us/HT202739)
- [Cloud Security Alliance Critical Areas for Mobile Computing] (https://downloads.cloudsecurityalliance.org/initiatives/mobile/Mobile_Guidance_v1.pdf)
- [Cloud Security Alliance Secure Development of IoT] (https://downloads.cloudsecurityalliance.org/assets/research/internet-of-things/future-proofing-the-connected-world.pdf)
- [ISO/IEC 27001:2013 (Information Security Management System ISMS)] (http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=54534)
- [ISO/IEC 27002 (Best Practice Controls in Relation to ISMS)] (http://www.iso.org/iso/catalogue_detail?csnumber=54533)
- [NIST CyberSecurity Framework] (http://www.nist.gov/cyberframework/)
- [Payment Card Industry (PCI) DSS] (https://www.pcisecuritystandards.org/document_library?category=pcidss&document=pci_dss)
- [Health Insurance Portability and Accountability Act (HIPAA)] (http://www.hhs.gov/hipaa/for-professionals/security/)
- [Federal Financial Institutions Examination Council (FFIEC) Security Guides] (http://ithandbook.ffiec.gov/it-booklets/e-banking/risk-management-of-e-banking-activities/information-security-program/security-guidelines.aspx)
- [Securities and Exchange Commission (SEC) Cyber Security Guidance] (https://www.sec.gov/spotlight/cybersecurity.shtml)
- [Federal Trade Commission (FTC) Data Security Guide] (https://www.ftc.gov/tips-advice/business-center/privacy-and-security/data-security)
- [Federal Communications Commission (Small Business Focused)] (https://www.fcc.gov/cyberplanner)
- [Center for Internet Security (CIS) Critical Controls] (https://www.cisecurity.org/critical-controls/Library.cfm)