The Most Influential Linux Security Blogs
Linux security blogs
Finding blogs dedicated to Linux security can be challenging. We consider Linux Audit to be the best blog about Linux security and securing your system. Not very humble, but actually there aren’t that many blogs about the topic. That is why we made an effort to seek the best and most influential blogs that at least cover some Linux security.
What makes a blog influential? It should have quality articles, be updated regularly, and be tailored to Linux or UNIX security. The countless “How to” websites are skipped.
Months of searching and reading resulted in a list of blogs, sorted by category. If you are interested in the developments on Linux security, add them to your RSS feed reader. For some subjects we couldn’t find a specialized blog yet. In that case, we added some filler articles from our own Linux Audit blog. If you have a better replacement, we would love to hear about it.
Linux developers
Some of the most influential people in Linux security are those who do work on it. While they don’t specifically specialize in one subject, it wouldn’t be fair to leave them out.
Kees Cook
Kees currently works for Ubuntu. He does kernel development and focuses on several areas related to security. One of these areas is seccomp, a framework to restrict the system calls available to processes. It is very useful for sandbox implementations or for restricting your web browser. The Chrome browser is known to have implemented it.
Kees has his own blog and can be found on X.
Malware Research
One of the names that comes to mind for malware research is Lenny Zeltser. He is the creator of the REMnux Linux distribution, which helps you perform malware analysis. He can be found on X as well.
In the same field, you can’t ignore the people behind the research group Malware Must Die!, or MMD. They cover a lot of Linux-related malware and explain on their blog how it works.
Compliance
PCI DSS compliance
Many companies have articles about PCI DSS on their website. Unfortunately, I couldn’t find a quality blog which covers PCI and Linux in particular.
Suggested article:
System Hardening
No particular blog is known to specifically talk a lot about this subject. Here is an alternative post we created:
SELinux
When thinking about SELinux, two names come directly to mind: Paul Moore and Dan Walsh. Both have their own blog, usually talking about the developments on SELinux. Paul includes the yearly “State of SELinux” presentations on his personal site, which are given at the Linux Security Summit.
Others
Some blogs cover more generic subjects. We have found at least the blog of Robert Penz, who writes on a regular basis about Linux or IT security. That is enough to consider it specialized enough to make it to our reader list.
Then there is Major Hayden, a system engineer focused on automation and security. He writes about a wide range of topics, usually sharing problems he encounters while doing his work. Great for those who encounter the same issues and don’t want to spend the same amount of time he had to.
Got another blog about Linux security that was not mentioned yet? Let us know!