There is a ton of information security/cybersecurity research published almost every week, with new research published in blogs, like Medium or GitHub, and others published as part of organizational white papers. It can be overwhelming trying to keep up with the information coming out and finding a way to pull out all of the relevant details to use in my own career and research — here’s where Notion comes into play. In the sections below, I’ll walk you through how I created my Notion page and template, an example of what this looks like when I use it, and finally my thoughts on this process and methodology now that I’ve been using it for a few weeks.

Building the Notion page and template

First things first, I developed a new page in my Notion setup called “research notes”. From here, I created a database with the following attributes: paper (name), file, date read, tags, source, and publication date. There are plenty of tutorials on creating databases/pages in Notion, but it’s fairly straightforward even if you have never done it before.

An example of my research notes database to store all of my notes

By having this database easily accessible and fairly simplified, I can look at a glance and find the paper I want to look at, open it up if I don’t have it open already, and look at the source and tags on the subject. Once I have the attributes loaded, I then created a template for my notes.

An example of the Notion research notes template I built

This template is super simple. I have a high level summary on the top left of the page, and on the right are key call outs, areas I want to research further, and then my final thoughts on the paper. Underneath all of that I have a general “Notes” field that I use for stream-of-consciousness note taking as I read the paper.

Putting it all together

Using the Getting Started With Threat Hunting white paper published by Sophos in April 2022, here’s what my notes look like in my Notion template.

An example of a filled out research notes template

The High Level Summary section is incredibly high level. I don’t define anything, but I do call out anything process related or important that I thought was part of the paper.

In the Key Knowledge/Call Outs section of this template, I mention any specific frameworks or tools that the paper talked about. Underneath that, in the Further Research section, I mention any concepts that I would like to do more research on, and then below that is the Final Thoughts header I use to mention what I think of the paper itself.

The Notes header, after a divider, is where I dump all of the notes I later summarize into the High Level Summary section. Sometimes, I’ll copy language word-for-word if I really like the way that it was written, or if there are diagrams, I’ll screenshot them so I have them for later reference.

Thoughts on this Methodology

I’ve been using this method for my research notes for a few weeks now, and so far it has really helped keep me engaged in the process. I like having all of the research I am interested in or want to keep for reference immediately available and organized in a way that I can access easily.

The notes template I use has also come in handy: by having a High Level Summary at the top of the page, I can immediately read a quick summary of the paper and any specific concepts mentioned without having to read back through the paper and pull it out again. To me, this has been a great way to keep on top of the numerous research papers and blog posts published each year, and I’m going to continue to refine my process and use this for my research goals.

What are your thoughts on my methodology? Will you use this, or do you have a different method for reviewing and keeping notes on the research coming out in the cybersecurity world? I would love to know!



