The next blog on the “blogs I read” list is The Security Catalyst. From the ‘About’ page:
Get engaged and prepare to be entertained as expert on security and the protection of information and professional speaker Michael Santarcangelo (and friends) takes a refreshingly direct but entertaining (and easy to follow) look at the important issues in how we think about and protect our information assets.
From discussing the basics of securing your home computer in an easy-to-understand manner to preparing you to make the right choices in your important projects, the Security Catalyst has you covered. Our goal is to make your job easier and allow you to be more effective (check out our programming improvements for 2007 below).
The Security Catalyst is designed and produced in a way to provide value to security professionals, interested business professionals and even consumers. Security happens easier when the ‘catalyst’ is involved. Listen today and improve the way you practice information security. Plus, earn valuable CPE credits by listening (or even guest writing!).
I first saw this blog mentioned in a post referencing the Security Catalyst Community Forums, of which I am a proud member.
– Provides podcasts for professionals and a “family security series” for all computer users
– Qualified list of contributors that produce quality content
– Associated forum that is open to all security professionals and is very active
– Not as frequently updated as most sites but the content makes up for the lack of updates
– A great blog, community forum, and podcast resource. I strongly encourage everyone to join the Security Catalyst Community.
I’m going to start a new section of my blog in which I detail some of the blogs that I read and the reasons I keep going back to them.
I’m going to start with PCI Compliance Demystified. From the ‘About’ page:
This blog is devoted to demystifying the PCI DSS compliance process and linking you with as many resources as we can. The goal is to decentralize the information and provide a better ROI to your company or your clients.
I stumbled across this blog while searching for information on PCI compliance as it was something that was, and still is, a foggy mess to me. The blog accepts questions from anyone who wants to know more about PCI regulations or requires clarification.
– One of the best sites out there for PCI information as the authors are trying to inform rather than sell to you
– Accepts questions from readers and posts the responses for all to learn from
– Provides a phone number where you can leave voice mail questions
– Frequently updated with quality information
– Fantastic resource page with links to additional information: http://pcianswers.com/resources/
– Some knowledge of PCI, although not required, is helpful in understanding the content
– A fantastic site that every security professional should add to their RSS list even if they don’t deal with PCI on a regular basis