Language Selection

English French German Italian Portuguese Spanish

Open-Source Security Tools Touted at InfoSec

Filed under
OSS
Security

A well-known security consultant on Tuesday urged cash-strapped businesses to consider using free, readily available open-source security tools and applications to help cope with the rising spate of malicious hacker attacks.

In what has become a recurring theme at this year's InfoSec World conference here, president and principal consultant at Sph3r3 LLC Matt Luallen said enterprises must embrace the same hacking tools used by the bad guys to find potential faults and vulnerabilities within critical information infrastructure.

"You can use open-source applications alongside commercial applications [to cut down on costs]," Luallen said during a show-and-tell with dozens of toolsets that can handle anything from fault identification to spam detection to incident response.

"There are some open-source utilities that blow away commercial products, and you should take advantage of them."

"Some of these tools work so well that, at the very least, you should start evaluating them for widespread use in your organization," Luallen said, seeking to dismiss fears that the absence of product support when using open-source utilities could be a deterrent.

"These open-source tools have better product support-it's called Google Groups. If you do a search on Google Groups, in most situations, you'll have an international community available with answers round-the-clock."

"I'm not here to tell you that you should get rid of commercial products. There are some fantastic commercial products out there. However, in many cases, it is practical, cheaper and even better to look for an open-source alternative," Luallen said.

"Remember, the attack utilities are open-source as well. It's important that you understand the tools the bad guys are using to find holes in your system. You have to use those tools, too, and find the same faults."

Full Story

More in Tux Machines

Open source software is for everyone – so where are the women?

We all know that there is a diversity problem in tech. The depressing stats from numerous reports and studies all point to stereotypes and bias hitting young girls’ perceptions of STEM negatively, with this sitting alongside poor retention figures and a lack of women at the board level. However, one particular branch of tech may be struggling in more when it comes to diversity and inclusion – the one branch, in fact, which has inclusiveness at the very core of its ethos. Read more

Google launches new site to showcase its open source projects and processes

Google is launching a new site today that brings all of the company’s open source projects under a single umbrella. The code of these projects will still live on GitHub and Google’s self-hosted git service, of course, with the new site functioning as a central directory for them. While this new project is obviously meant to showcase Google’s projects, the company says it also wants to use it to provide “a look under the hood” of how it “does” open source. Read more

Tizen and Android

Day of Infamy, CRYENGINE, and Performance Tools