12 AppSec Experts You Should Follow on Twitter

Keeping up with trends and breakthroughs in such an ever-changing field as Application Security (AppSec) is not simple. Whether you’re an enthusiast, a beginner or working in the field, there’s always something new to be learned.

Twitter is one of our favorite platforms to keep up with industry influencers. It provides us with a quick way to keep up with trending news, but also with straight-to-the-point opinions from these leading experts.

If you’re looking to keep up with developments in AppSec, here are some must-follow accounts (plus some featured tweets):

Nearing 200,000 subscribers, Mikko (@mikko) has an accomplished career both as a researcher and a writer on online security. This Finn may label himself as a “Supervillain”, but he has long been an advocate of spreading knowledge on security issues.

Even if you don't know who Troy (@troyhunt) is, you've likely heard of his creation Have I Been Pwned?. Author on Pluralsight and Microsoft Regional Director, Troy's Twitter is an excellent source of information for best security practices, concerns, and trends.

You have probably already heard of Dan (@dangoodin001), a seasoned journalist who has ventured into exploring white, grey, and black-hat exploits. You can find him writing on Ars Technica, and his Twitter is always a good source of information on recent scams, leaks, and outbreaks of malicious code.

Parisa (@laparisa) is pretty straightforward on what she does — she's an absolute Browser Boss. Featured on Forbes' 2012 "Top 30 People Under 30 To Watch in Tech", Parisa works at Google as Chrome's security "princess". You'll find her tweeting on browser security.

Jscrambler’s own Pedro Fortuna (@pedrofortuna) is no stranger to the main AppSec stages. Author of several application security patents, he is a seasoned speaker with several talks at OWASP events, BSides conferences, and DEF CON. You’ll find him tweeting on Application Security, Reverse Engineering, Malware, and Software Engineering.

Always extremely active on Twitter, Katie (@k8em0) has earned quite a following. She's a passionate advocate for responsible security research, so you'll often see her discussing emerging threats and giving shout-outs to other researchers.

Scott Helme (@Scott_Helme) has long been making HTTPS his mission. Working as a security researcher for quite some time, he has become a featured speaker and influencer for online security. If there's an account you should follow to keep up with encryption and SSL, this is it.

We closely follow Graham (@gcluley) on Twitter for quite some time. The UK-based independent security analyst has been in the cybersecurity space since the 1990's. Besides his tweets on current security events, he also co-hosts an unconventional security podcast.

New York Times bestseller author Brian Krebs (@briankrebs) is best known for his in-depth investigative journalist work on cybercrime. He seems to always be on top of security breaches, and his own blog hosts several tips for companies and developers.

Mario has been a keynote speaker at AppSec Europe and keeps his tweets mostly on app security exploits. He currently does research on security, in projects such as HTML5 Security Cheatsheet, DOMPurify, and HTTPLeaks.

Note: Mario recently deleted his Twitter account.

Michele (@mikispag) was the youngest Offensive Security Certified Professional (OSCP) at date (2007) and is now working at Google. You’ll find him tweeting a lot about CSP, Rosetta Flash, and BitIodine.

Guest speaker on multiple security conferences and #1 on Microsoft's Security Response Center Top 100 Security Researchers. Ashar (@soaj1664ashar) keeps his Twitter audience engaged with content on XSS, security compliance, and proper security practices.

Twitter can be overwhelming. Everyone seems to have a statement to make and finding the right people to follow can be quite the challenge.

We at Jscrambler (@Jscrambler) actively follow and engage with influencers and these 12 AppSec experts are always on top of our list.

If you're looking to upgrade your Twitter feed, this is a great place to start!

Lastly, if you want to secure your JavaScript source code against theft and reverse-engineering, you can try Jscrambler for free.