“Infosec twitter” has been used to describe the vibrant, active and often enthusiastic community of security practitioners working in and around the industry. It’s been a source of insight, inspiration and entertainment for many and for years. Therefore, it is with a bit of sadness that I must announce that the death of infosec twitter is upon us.
Two years ago, on July 12th, 2021, we saved our first bit of data from twitter recording tweets with discussions of CVEs on twitter. I had been researching and studying vulnerabilities for several years and our work on EPSS was in full swing. We started collecting vulnerability discussions to see what kind of benefit that data could add to the EPSS approach. Plus, CVE identifiers are relatively easy to search on and pick out from conversation, so we could be relatively confident we were collecting every tweet.
On July 12th, 2021, we recorded 1,161 original and unique tweets (no retweets) that were discussing CVEs, and we tracked tweets with CVEs every day from that point on. There is certainly an ebb and flow to the discussions and definitely a “weekend effect” with weekdays seeing an average of 1,272 tweets per day during the week and 463 tweets per day on the weekend.
Elon Musk’s purchase of twitter was official on October 27th, 2022 and he laid off half of their employees a few days later on November 4th, 2022. We saw several prominent voices leave the platform, but honestly we could not see any noticeable shift in infosec twitter over the next three months. Incidentally, I tried to capture “notable events” in the twitter timeline but there were far too many with several headlines every week to pick from. I am definitely missing the majority of headlines here, but I did toss in when the “Trust and Safety Council” was dissolved.
So where does the death of infosec twitter happen? My best estimate is around the end of April or early May. Take a look (I shifted the date range here to focus mainly on the post-Elon era):
Over the last 3 weeks of our data (June 21 to July 12, 2023), we saw a weekday daily tweet count drop from the 1,272 pre-Elon average to just 333 tweets a day, which is about a 74% drop in weekday tweets. The 2-week rolling average (including weekends) dropped down to 272 tweets over the final 2 weeks. When I attempt to remove automated CVE announcements (bots), the drop is even more significant, dropping from over 500 a day down to 66 over the last two weeks, an 87% decrease in CVE-related tweets.
Unfortunately this is where the story will stop too. The free tier we were using to collect this data was cut off last week. Between the headlines and the trend we are seeing in this data, it just doesn’t make sense to pay for access to this data. The last day we were able to save twitter data was July 12th, 2023, exactly two years from the start of our experiment. And with that, we say “so long” to infosec twitter.