Sign in Subscribe
4 min read

3 security blogs and podcasts to follow in 2025

A roundup of three essential security resources for 2025: Detection Engineering Collective for tactical threat detection advice, tl;dr sec newsletter for curated security news and trends, and the Google Cloud Security Podcast for insights from industry leaders and Google experts.
Top Security Blogs & Podcasts to Follow in 2025
Top Security Blogs & Podcasts in 2025

In the ever-evolving security threat and tooling landscape, staying up-to-date is essential. And the security community is very grateful to have a plethora of amazing blogs, newsletters, and podcasts to learn from. While there is an ocean of information and interesting content out there, we, probably like you, don't have the time to consume everything. So, we've gone ahead and paired down what we think are the three must-follow security resources.

The resources we list here are a mix of tactical content, thought leadership and trend analysis from leaders in the security space, and tooling deep-dives; all of which are valuable to keeping your security skillset and knowledge sharp in 2025. 

Let's dig in.

Detection Engineering Collective (detect.fyi)

The Detection Engineering Collective is collection of blog posts from practitioners focused on specific, typically tactical security workflows within thread detection engineering. They also support community writers to share their specific experiences with DFIR, CTI & Threat Detection domains.

Blogs and content from detect.fyi are often tactical, focused on sharing solutions for common workflows within threat detection. For example, practitioners have shared their very tactical advice, code, and workflows on threat hunting for suspicious named pipes, hunting malicious MS Teams chats, and more in detect.fyi.

detect.fyi also has some broader community insight/career-focused content like shifting threat detection to the left, how to become a detection engineering contractor, and more.

tl;dr sec

tl;dr sec is a security blog and newsletter (with some personality!) maintained by Clint Gibler, a veteran security practitioner and current Head of Security Research at Semgrep. tl;dr sec's weekly newsletter organized by ares of interest and curated practitioner-focused content makes it a valuable resource for security folks to follow.

In particular, tl;dr sec shines with its content focused on curated news, highly-relevant trends, and practical tools and techniques.

An excerpt from tl;dr sec's newsletter
An excerpt from tl;dr sec's newsletter

Curated news

The tl;dr sec newsletter has separate sections on AppSec, Cloud Security, Blue Team, Red Team, and AI + Security, so practitioners can easily find the content and news most relevant and interesting to them. Each section contains links to longer-form/full content, presenting the "highlights" as links with brief summaries for easy and quick consumption.

Trends

tl;dr sec keeps on top of security trends so you don't have to! As I write this blog in early April 2025, when MCP is a hot topic in the space right now, tl;dr sec's last few newsletters have highlighted the use and development of MCP products.

Tools and techniques

tl;dr sec regularly highlights security tools and product announcements in its weekly newsletter, so security and intelligence can stay up-to-date with the hottest technology.

Nate also provides updates about upcoming conferences and security events, so if you're looking to meet and learn with security folks in person, make sure to give the newsletters a read.

The Google Cloud Security Podcast

The Google Cloud Security Podcast is a weekly interview-style podcast about topics in cloud security, hosted by Google's Anton Chuvakin and Timothy Peacock. To quote them, "If you like having threat models questioned and a few bad puns, please tune in!"

Puns aside, we're fans of the Google Cloud Security Podcast because of the guests they interview and the cloud-focused nature of the content. Anton and Timothy interview a mix of security-focused Google employees talking about how Google does [X] (e.g., thread detection modeling), CISOs and other senior leadership talking about executive security concerns, and trends in security engineering. With this podcast, you're getting a regular mix of cloud security best practices and insights on security trends from senior security leadership and Google employees.

Each podcast episode also contains a group of useful/relevant links to other content related to the podcast's topic that we would recommend taking a look at while you're listening to the podcast.

Honorable mentions

There are so many more great security blogs and podcasts we were not able to highlight here, and what we like to consume may not be the same as you! Other great security resources include CyberWire Daily, Risky Business Media, and the Darknet Diaries.

Want to get in touch with us? Fill out this form if you'd like to see a demo from one of our founders. If you'd like to keep up with what RunReveal releases next then drop your email below*. If you'd like to try the product then sign up now.

*runreveal is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. You can unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

Published by:

Kira Furuichi