Back when we first started the Security Blogger's Meetup it was pretty easy to define a security blogger, at least for admission purposes. You had a blog, you used the word "security" in it, and one of us knew you.
The blogging landscape has changed significantly since those simpler days. Some bloggers moved to other social media channels (hello Twitter!), and most corporations now use blogs as PR channels or to communicate with their customers. As much as we hate to run through the exercise every year, since the SBM is so popular we need to figure out where to draw the lines.
The SBM is all about community. A chance for those of us who interact online to engage in the real world. Not *everyone* who engages online, but those that contribute content to the community and participate in the public conversation.
As much as we hate to do it, every year we need to revisit where we draw the lines of who can attend. The SBM isn't another open party with a wristband you grab at a booth, it is a private event for a community that is organized every year by a group of volunteers. Since we get a ton of questions on this every year, it's time to put it in writing. (And as the fomer bouncer and the person who started this entire thing, the job falls to me).
Here is how we are defining a security blogger:
* You have or write for a blog; at least a few posts over the past year. The blog has to exist before the invites go out (yes, we have had people fake this for the awards or attendance in the past).
* Your posts have to contribute content or ideas to the security community. A weekly news summary with nothing more than links to material written by others doesn't count. Your content has to contribute to the public discussion.
* Your posts need to be under your masthead. No ghostwriters allowed.
* PR-focused content doesn't count. I get to be the bad guy to decide, with the input from the other committe members. No offense to my PR friends, but PR-focused content on a corporate blog is different than what we are looking for at the SBM. What do we look for? Basically, are you contributing back to the community with your content? Do you have security domain knowledge? Feel free to email me if you have any questions, but for the most part this eliminates the PR maintainers/herders of corporate sites who are focused more on contributing to their employer than the community.
* If you used to write a blog but now just tweet a lot (as in no blog posts in the past year), you're out. There are other Twitter-focused events for ya.
I hope this helps, and as I mentioned you can email me directly if you have any questions (firstname.lastname@example.org). We aren't trying to be elitists, but keep this as a community-focused event. There are a lot of people who write that aren't part of the community, and a lot of people in the community that don't write. This event is for those that contribute to the public security dialogue.