01 / People
People to Follow
These are practitioners, educators, and community builders who consistently put out work worth your attention. Jen's personal recommendations.
KN
Katie Nickels
Director of Intelligence at Red Canary and SANS instructor. CTI advocate and supporter of Cyberjutsu Girls Academy.
WT
Will Thomas / Bushido
Senior Threat Intelligence Advisor at Team Cymru, SANS co-author, and founder of BushidoToken Threat Intel and Curated Intelligence.
JS
Joe Slowik
MITRE ATT&CK lead, CTI consultant at Paralus LLC. Former roles at Dragos, DomainTools, Huntress, and Gigamon.
BT
Brett Tolbert
Principal Cyber Defense Threat Intelligence Analyst at Exelon, community educator, and Cyversity mentor.
JF
Jennifer Funk / Alt Funktion
CTI analyst and content creator sharing CTI education through TikTok and her website. Background in military and marketing.
MJ
Matt Johansen
Security educator, creator of Vulnerable U, speaker, and infosec community advocate.
JE
Jen Easterly
Former Director of CISA and cybersecurity leader focused on public-private partnerships and cyber resilience.
CL
Christopher Luft
Co-founder of LimaCharlie.io and organizer of the Cybersecurity Cares annual charity telethon.
GC
Grace C
Cofounder & COO of Pulsedive Cyber Threat Intelligence, incredible human being, and CTI extraordinaire!
02 / Organizations
Groups & Orgs to Know
Organizations producing valuable CTI research, frameworks, and tooling that Jen regularly references and recommends.
The Citizen Lab
Interdisciplinary research hub at the University of Toronto investigating the intersection of tech, human rights, and global security.
Curated Intelligence
A collective of CTI professionals sharing intelligence, insights, and tracking threats collaboratively.
Tracking Ransomware
Nonprofit watchdog monitoring ransomware actors and leaks in near real-time.
DFIR Report
Detailed breakdowns of real-world attacks by incident responders. Essential for staying current on TTPs in the wild.
MITRE ATT&CK
The globally used framework for describing and categorizing adversary behavior. MITRE's resources and research are foundational to CTI work.
03 / Communities & Newsletters
Communities & Newsletters
Places to hang out, stay informed, and find your people in the CTI and broader security community.
Community
LimaCharlie Community
Security-focused Slack group for detection engineers and CTI professionals. Great conversations, good people.
Join here →
CyberThreat.Cafe
Newsletter written for CTI professionals and researchers. Stays focused and practical.
Subscribe →
Thomas Roccia — Security Break
Books, trainings, coaching, and a newsletter from a seasoned CTI practitioner. Worth your inbox space.
Visit →
Community
CYA Security
Cyber security awareness in plain language. Daily news, tips, and career guidance for those breaking into cyber.
Visit →