Substack Cyber Newsletters

Summary

Top cybersecurity Substacks provide in-depth analysis, industry trends, and technical insights from expert practitioners. Top, highly recommended, and frequently cited newsletters include Venture in Security (Ross Haleliuk), tl;dr sec (Clint Gibler), Aphinia (Misha Sobolev), Resilient Cyber, and The Cloud Security Guy, covering topics from CISO insights to AI and app security.

Why These Substack Newsletters?

  • Actionable Advice: Many, like Resilient Cyber and Securely Built, offer practical tips for implementing security.
  • In-depth Analysis: Unlike daily news alerts, these provide detailed, expert viewpoints on why a development matters.
  • Focused Niches: Readers can choose specialized content, such as cloud (Cloud Security Guy) or, market analysis (Venture in Security). 

Source: Google AI Overview. 2/16/26

OnAir Post: Substack Cyber Newsletters

About

Web Links

Technical, Cloud, & AppSec Focus

Source

  • tl;dr sec (Clint Gibler): A popular, high-quality weekly curation of application security,, conference talks, and tools.
  • The Cloud Security Guy (Taimur Ijlal): Focuses on cloud security, AI implications, and career guidance.
  • Resilient Cyber (Chris Hughes): Deep dives into software supply chain security, DevSecOps, and cloud security.
  • Securely Built (Derek Fisher): Focuses on application security, product security, and Secure Product Lifecycle Management (SPLM).
  • Detection at Scale (Jack Naglieri): Covers topics related to security detection, monitoring, and engineering. 

TL;DR SEC

Source: Substack

tl;dr sec is a popular, free weekly cybersecurity newsletter curated by Clint Gibler that summarizes the best application security (AppSec), cloud security, and actionable research. Designed for busy security professionals, it focuses on high-value, practical tools, and techniques rather than news-cycle hype, reaching over 90,000 readers.

Key features of the newsletter include:

  • Content Focus: Covers topics such as software supply chain security, AI-powered bug hunting, cloud-native detection engineering, and API security.
  • Structure: Summarizes conference talks, technical blog posts, and new open-source tools to help professionals improve their workflows.
  • Goal: The newsletter aims to act as a “too long; didn’t read” (TL;DR) for the security industry, highlighting essential information in a 7-minute read.
  • Target Audience: Security engineers, application security specialists, and CISOs. 

The newsletter is published every Thursday and is widely regarded as a high-density, technical resource. 

Industry Trends & Strategic Insights

Source: Other

  • Venture in Security (Ross Haleliuk): Focuses on cybersecurity investing, market trends, and industry analysis.
  • Aphinia (Misha Sobolev): Weekly updates tailored for CISOs and security leaders.
  • The Security Industry (Richard Stiennon): Analysis of the cybersecurity vendor landscape.
  • Cyber Builders (Laurent Hausermann): Insights for building and scaling cybersecurity startups. 

AI & General Security

Source: Other

  • Deploy Securely: Analyzes risks at the intersection of AI and software security.
  • Unsupervised Learning (Daniel Miessler): Explores the intersection of security, AI, and technology trends.
  • Eric’s Substack (Eric Capuano): Focuses on security operations, incident response, and forensics. 

Discuss

Here is where members can discuss, give feedback, and present their ideas within the “Substack Cyber Newsletters” post. OnAir membership is required to participate.

The lead moderator for the discussions is Zeinab Shariff. We enforce civil, honest, and respectful discourse across our network of hubs. For more information on commenting and giving feedback, see our Community Guidelines.

This is an open discussion on the contents of this post.

Home Forums Open Discussion

Viewing 1 post (of 1 total)
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.
Skip to toolbar