What I look for in blogposts

A short list

TL;DR - Blogposts are usually easier to follow if they contain a good TL;DR, tables for summarizing comparisons, diagrams for explaining processes, screenshots for visualizing results, and bullet points for making things clear.

---

As a threat researcher (and a maintainer of cloudvulndb.org), I get to read, share and discuss a lot of technical blogposts and reports on a daily basis, some describing cloud vulnerabilities, others about threat actors and their activities.

But not all blogposts are easy or enjoyable to peruse. So here are a few things I hope to see whenever I start reading one, since they tend to make it easier to understand what’s going on:

1. A meaningful TL;DR - Let me know what I’m about to get into if I keep reading, and give me an honest chance to turn back. I might stop reading if I decide that the subject or content doesn’t concern me as much as the title made me think it would (which is perfectly fine). In some cases reading a good TL;DR might be enough for me to grasp enough of what the post is about so I can share a link with someone else on my team who might find it more useful than I would. I added “meaningful” here since sometimes TL;DRs don’t actually do their job.

2. Tables - If you’re comparing between things (or should be doing so), then tables make it much easier to understand the differences between these things, and the parameters by which you are comparing them. Tables give me straightforward answers to questions that arise while reading, and they are very useful references for later use.

3. Diagrams - If you’re describing how an event unfolded, or how a certain technique plays out, then you should definitely be using a diagram. Personally, these days I’m using a mix of Excalidraw and PowerPoint (which is Turing-complete, I’ll have you know). If you have the resources to do so, invest wisely in animated GIFs, which can make complicated diagrams easier to parse (you should not be surprised to learn that I often use PowerPoint for this as well).

4. Screenshots - These can be very useful as visualizations and to prove your point, but don’t overdo them, since they might make the blogpost seem longer and therefore more daunting.

5. Bullet points - If you’re writing about a vulnerability or misconfiguration, it is absolutely essential that you clearly define prerequisites for exploitation in the form of a list.