PJ Cabrera - 2005-11-01

RSS Feeds and Podcasts Help Security Pros Keep Up
ITworld.com, Security Strategies

Brent Huston, security.itworld.com

Let's face it. Infosec is hard. It's time-consuming and resource-intensive, and keeping up with the onslaught of information can be tough. Two tools that I use to keep up with the information overload are RSS feeds and podcasts.

RSS has allowed me to reduce the time I spend keeping current from four hours a day down to about an hour. If you haven't used RSS, you should. There are hundreds of excellent readers for the feeds in the free, shareware and commercial realms. RSS is critical for infosec folks because it allows you to easily compile, aggregate, synthesize and summarize the latest security news and issues in a near real-time fashion. After you download and get familiar with a reader, here are a few good information security feeds that I use on a regular basis:

This is the SANS incident center feed which is excellent for an at-a-glance view of the state of security.

This is the FRSIRT feed of new vulnerabilities and exploits that includes daily information on threats and various vulnerabilities.

This one is full of in-depth security information, tools and projects.

If you want to locate more feeds, try using an RSS feed search engine such as: http://www.feedster.com/

Podcasts are another time saver, and many excellent technical and security content are becoming available. Podcasts are even available to help you study for certifications, classes, etc.

In fact, in an oddly useful combination, my RSS reader (and many others) can convert text RSS feeds into podcasts. Once you get used to the computer voice monotone, it's actually a pretty useful way to get through information. Instead of music, I use the RSS converted to podcasts and listen while I grocery shop, commute and do other mundane activities. (P.S. - I guess this is pretty geeky, so try at your own risk.)

Podcasts are a great form of learning and entertainment. There are literally thousands of them available. With a small amount of time invested, you can easily automate delivery, update and management of all kinds of data to your mobile devices.

Try these two technologies and see if they help make the crush of security a little less on your life. They just might free up some more time to swim, play golf or rediscover those family members you haven't seen in a while!