Introduction

Working as a cyber security analyst, you can never have enough information. There’s always new threats, vulnerabilities and security research. There is also a lot of people writing in a lot of websites and social networks and keeping up can be problematic.
As your list of website sources grow, it becomes less and less practical to check each site on a daily/weekly basis to see if there is a new post. That’s where Really Simple Syndication (RSS) Feeds come in, a standardised format that allows you to subscribe to websites and automatically receive new posts.
There are many RSS readers out there, but they work best if they are used in conjunction with a RSS aggregation service. Again, there are lots of commercial and self-hosted options available here.
I choose to use a commercially hosted aggregator, Inoreader, mainly because I have very little interest in self hosting services that require me to then maintain them. Additionally Inoreader has many more available features out of the box that self hosted solutions do not.
Inoreader (and other commercial options) is expensive. A pro subscription is $89 USD/year and the exchange rate sees this reaching close to $145 AUD. Shortly after renewing for another 12 months, I started looking at how I am able to make a year’s subscription worth $145 to me.
Pro Does Not Mean Unlimited

It’s worth noting that buying a pro subscription, the only thing that is unlimited is the number of feeds you can have – everything else has limits. As you can see however, I am not even close to maxing out any of these extras – and indeed if I am to get value out of my purchase, I need to start making more use of the services available!
Filters
One of the biggest reasons for me to use Inoreader is the ability to apply filters to feeds. There are two main filter types of my interest:
- Duplicate Filters – when subscribed to a lot of websites, particularly the larger media sites, it is common for the same story to be run on multiple websites. Having a duplicate removal filter cuts down on a lot of that noise.
- Keyword Filters – Keyword filters provide a lot of flexibility in removing articles based on specific keywords. As an example, I prefer not to receive articles about US mobile providers, and filter out articles with titles including “Comcast”, “T-Mobile” and “Charter”
Inoreader Blog: Filters
Tags
Tags have been something I have not made much use of in Inoreader, though I am very much a “tagger” in other things I use such as Evernote. I am now making much more of an effort.
Tags are a way to further refine the metadata of an article to make searching easier. for example if I see an article about an samsung galaxy S series phone or iPhone I will tag it with “mobile phones”. Article tags will appear in the navigation column IF you expand the Library item. It took me a while to discover this.
Inoreader Blog: Tags
Once you start tagging articles, you can then have more refined lists based on particular tags.

Rules

Now you have tags, you can use rules to automate the application of the tags to articles. And now you are starting to generate tagged article lists that you can quickly scan over and mark as read on each topic, rather than needing to read all feeds in a folder which can be disjointed as they jump from topic to topic.
Rules can be used for more than just tagging new articles. You can also do things when am article contains a video, to email you or send a push notification or push it out to another sharing API like Pocket, Evernote or dropbox for later viewing.
Inoreader Blog: Rules
Monitored Keywords

Monitored Keywords is like a baby sibling to rules. As the service suggests, it monitors for keywords in incoming articles, and adds them to a list, which can then be output as RSS, JSON or HTML clips.
Rules can do this too, so doesn’t this just sound like tagging?
Where monitored keywords comes into it’s own is it can monitor for the keywords across all feeds in Inoreader, not just the feeds you are subscribed to. This can be particularly handy if you need to follow an emerging event but the feeds you are subscribed to may not give enough coverage.
Inoreader Blog: Monitored Keywords

Other Things
Two major features I haven’t covered here are Newsletters and Email Digests.
Newsletters are meant to solve the issue of websites that do not have an RSS feed, but only you to sign up for a daily email newsletter. Creating a newsletter in Inoreader will generate an email address you can give to these websites and the posted email will appear as another article. Having not signed up for any email based newsletters in a very long time, I haven’t had a need for this.
Inoreader Blog: Subscribe to Email Newsletters
Email Digests are kind of the reverse – taking RSS Feeds and turning them into an email to send out. I am thinking this could be particularly useful to use for my team setting to share daily infosec news with my colleagues who are usually interested in articles but aren’t interested in having to set up an RSS reader. Something that seems to be
Inoreader Blog: Email Digests
I also like the idea behind some of the social parts of Inoreader, which allow you to connect with other people and like/comment/broadcast articles. However it seems flawed in that your channel is only visible to other Inoreader users, and you can only search for other users based on name – you’re out of luck if you want to discover people by comments or topics.
Is Inoreader Worth It for Me?
You’ve gotten this far, so you are probably keen to know whether it’s worth the money.
I sat down and did the math. If Inoreader can save me 1 minute of time per day, for say 200 work days a year, it very comfortably pays for itself.
Putting it into perspective, the average hourly wage for a security analyst in Australia is around $58 AUD. Thats about 96c/min. $0.96 * 200 days is $192 AUD. Thats a good $50 a year over and above the subscription cost.
It’s value will then increase exponentially if it helps me get ahead of an emerging cybersecurity threat by providing information sooner and allowing incident response to occur faster, potentially mitigating a threat before an attack occurs.