I am finding that the security resources that I rely on out on the Internet, are more and more based outside of the US.

I am not sure why but I have a few theories, firstly all of the early innovators have sold out, either to a big corporation (McAfee, Symantec et al) or have gone commercial (Sourcefire, Tenable).

Secondly, potential litigation in US might also be scaring off the innovators from openly publishing their works. A good example is the Oedipus project, where the author of the software's employer claimed copyright in part of the work causing a promising project to be pulled from the 'net, not to mention the wrangling over issues such as the ownership of the Ethereal name (now WireShark). Lets face it Information Security is big business and $.

Thirdly and finally it could be that talent is being snapped up by big consulting firms and security vendors in Graduate and Post-Graduate programs. Anyway this is nothing more than opinion with not much to back it up (like most blogs ;-)

Some of the non-US sites that have been grabbing my attention recently (and some not so recently) are:

• Astalavista.net: the hacking and security community portal - (Germany)
  
• Sensepost: Security company, the home of Bidiblah, Crowbar, Suru, Wikto, Bile - (South Africa)
• ISECOM: The Institute for Security and Open Source Methodologies, the home of the OSSTMM guide - (Spain)
• IITAC: The International Institute for Training, Accredition and Certification, this is an amazing security learning resource, its awesome. (Germany)
• Damn Vulnerable Linux: An associate site of IITAC. Good training DVD with videos (Germany)
• Hakin9: This the site of the best security magazine on the planet. The magazine has great tools such as a bootable Linux attack distro plus a CD of tutorials. There also tools and a downloadable copy of the magazine. (Poland)
• OISSG: The home of the Information Systems Security Assessment Framework. (India)
  
• Darknet: One of the coolest InfoSec blogs around. (UK)