Curating News with RSS – The Missing Early Career Advice

When you ask for early-career advice in cybersecurity, you usually get a standard checklist: collect certifications, build a home lab, and network on LinkedIn.

Rarely does anyone talk about how to manage the sheer volume of information produced by our industry. When industry news is mentioned, it’s usually a passive recommendation to follow a specific site like Krebs on Security. But relying on manual bookmark checking or algorithmic feeds (like X, Reddit, or YouTube) is a trap. Those platforms are engineered for engagement, meaning they optimize for outrage, ads, and infinite scroll.

When I think of habits that had a strong positive impact on my career, I think of continuously reading. I think of reading blogposts that cemented concepts in my mind. Concepts that I would later either build systems to, advise customers on, make decisions with.

There is a common saying that reading two hours a day in your field will make you an expert. But that only holds true if you are consuming high-quality, professional content—like peer-reviewed papers on arXiv or deep-dive incident reports—not scrolling short-form videos or getting lost in arguments on X. The things you read frame your thoughts. Consuming quality content doesn’t just inform you of attacker techniques; it subtly teaches you how to think, write, and speak like an expert.

If you want to accelerate your career, you need to treat your industry reading like a data pipeline, curate your sources, filter out the noise and prioritize. An RSS reader is a great way to implement this.

Organizing your Feed

To get started, pick an RSS aggregator like Feedly or Inoreader. The secret to preventing your feed from becoming an overwhelming wall of text is to organize by both topic and quality. For quality try a tiered structure:

• Top Tier: This is your high-signal, must-read content. These are the sources that consistently deliver deep technical value or critical situational awareness. Reading this folder is pure professional development but feel free to include personal preference. If you find yourself always reading Articles from a certain website or blogger they should go here.
• Medium Tier: This is where you put new content. As sources prove themselves high quality you promote them. If they disprove themselves you demote them. Feel free to leave the bulk of sources here. Think of it as a place to scroll through headlines for good stories rather than a must read list like the Top Tier, or a safety new like the Low Tier.
• Low Tier: This is for noisier feeds, generic news Aggregators, or lower-signal blogs. Don’t delete them; use this folder for “productive procrastination.” When you have the urge to doomscroll social media, open this folder instead. You may also catch some nuggets of gold when quality, or hyper specific content related to you, appears in this section.

What to Follow

An RSS feed isn’t a substitute for an automated intelligence pipeline (you should still rely on dedicated automation for tracking things like CISA’s Known Exploited Vulnerabilities catalog, or pumping IOC’s into your SIEM). Instead, your personal RSS feed is for human consumption and should deliver context, tradecraft, and mindset. In addition to the Tiered Structure above I’d recommend splitting topics into Buckets that make sense to you. Here is an example of what I use.

Situational Awareness & Business Context

• The Daily News: Bleeping Computer and Risky Business keep you ahead of latest news like breaches, and critical vulnerabilities
• Your Vertical: Follow the business landscape of the sector you work in. I work in defense, so I follow sources like War on the Rocks and CyberScoop give me the geopolitical context behind the threats and business decisions.
• The Business of Cyber: Return on Security is excellent for tracking venture capital, product directions, and where the industry is spending money—which tells you exactly which pain points are receiving the most corporate attention.

High-Signal Individuals

The best insights often come from individual practitioners. Many of the brightest minds in security post infrequently—sometimes going years between deep dives. If you don’t use RSS, you will miss it when they finally drop a gem.

• Mindset & Strategy: Look for foundational pieces like John Lambert’s concepts (such as “The Githubification of Infosec”) or Chris Sanders’ work on Analyst Mindset. Richard Bejtlich and Bruce Schneier are original experts and grand masters of cyber.
• Analysis & Threat Intel: Track individual blogs from seasoned defenders and researchers like Florian Roth, Lenny Zeltser, and Marcus Hutchins.

Technical Write Ups

When you are early in your career, the biggest challenge is understanding how complex attacks actually play out in the wild. Curating a folder dedicated strictly to technical write-ups gives you a folder of homework assignments to read and understand.

• Must-Haves: The DFIR Report, Detect.fyi, Ctrl-Alt-Intel, and the Huntress Blog consistently provide the technical breakdowns that show you how attackers move and how defenders catch them.

Bottom Line

Your mindset and thoughts is directly tied to the quality of your inputs. Stop letting algorithms decide what security knowledge enters your brain. Build an RSS feed, curate it, and cultivate your expertise by reading quality sources.