One of my favourite questions to ask an interviewee is "How do you keep on top of all the security news?" Sure, it's not a technical question, it's not even really much of a cultural question. But given 1 or 2 minutes, I think this is a quick and interesting way to get an insight into how an individual seeks out information, and how this may influence their problem solving. Yes, it's often that candidates will describe similar methods, but you'll always be surprised by the occasional different technique, or even perhaps hearing of something new.

So, how would I answer this question? Easy.

First, is twitter. Yes - there is low signal to noise in the platform, especially if you follow a lot of accounts (like I do), but there are a few ways to manage this. I use a handful of private lists which I use to refine the accounts that I will generally check each day. These are broken into 'favs', which I absolutely can't miss. Then down into topics, such as Linux, or web app sec and so on. I've setup an IFTTT rule to email me all the tweets I Star (or <3). Once in email, I generally tag with a handful of labels, such as #ctf or #testing or #burp and so on. This provides a quick and easy way to see all the tweets in a specific category. This expands a relatively simple twitter feature into more of a database.

First (and a half), hearing people talking about things at work!

Second, I read a bunch of blog articles. These used to ENTIRELY reside in Google Reader (RIP). But now I find these are cross-posted on twitter, fav'd, once in my inbox, they remain there until I've had a chance to read them. Only once read do I archive the email. I also fairly regularly then redistribute this information out through more tweets, and through internal and external slack channels.

Third, Slack. I'm in 5 instances (a few more that I'm not active in) on the desktop version of Slack (yep, that's why I need all the RAMs). I often star posts or topics that people share.

Fourth, conferences - or conference recordings / PDFs etc. Often these will be seeded from when people start to tweet about their availability. Even if I attend sessions, I'm usually there to be entertained (i.e. the InfoSec Style or Presentation).

Fifth, emails. Or, email distributions. The only two that I really pay attention to are @DanielMiessler's Unsupervised Learning, and the Team Cymru Dragon News Bytes. Bonus points for Warren Ellis' Orbital Operations. This is the only email that I regularly look forward to and general read from top to bottom.