Language Selection

English French German Italian Portuguese Spanish

Open-Source Security Tools Touted at InfoSec

Filed under

A well-known security consultant on Tuesday urged cash-strapped businesses to consider using free, readily available open-source security tools and applications to help cope with the rising spate of malicious hacker attacks.

In what has become a recurring theme at this year's InfoSec World conference here, president and principal consultant at Sph3r3 LLC Matt Luallen said enterprises must embrace the same hacking tools used by the bad guys to find potential faults and vulnerabilities within critical information infrastructure.

"You can use open-source applications alongside commercial applications [to cut down on costs]," Luallen said during a show-and-tell with dozens of toolsets that can handle anything from fault identification to spam detection to incident response.

"There are some open-source utilities that blow away commercial products, and you should take advantage of them."

"Some of these tools work so well that, at the very least, you should start evaluating them for widespread use in your organization," Luallen said, seeking to dismiss fears that the absence of product support when using open-source utilities could be a deterrent.

"These open-source tools have better product support-it's called Google Groups. If you do a search on Google Groups, in most situations, you'll have an international community available with answers round-the-clock."

"I'm not here to tell you that you should get rid of commercial products. There are some fantastic commercial products out there. However, in many cases, it is practical, cheaper and even better to look for an open-source alternative," Luallen said.

"Remember, the attack utilities are open-source as well. It's important that you understand the tools the bad guys are using to find holes in your system. You have to use those tools, too, and find the same faults."

Full Story

More in Tux Machines

Fedora 21 End Of Life

As of the 1st of December 2015, Fedora 21 has reached its end of life for updates and support. No further updates, including security updates, will be available for Fedora 21. A previous reminder was sent on 27th of May [0]. Read more

Open source Gov.UK is 'example of UK soft power'

In introducing Manzoni, Nefkens described the UK as a world leader in the “digital transformation of government”, a model even for similar schemes in the USA and Australia. Furthermore, New Zealand has used source code - it’s based on open standards and is open source - to help build out own digital services. Read more

New ELF Linker from the LLVM Project

We have been working hard for a few months now to rewrite the ELF support in lld, the LLVM linker. We are happy to announce that it has reached a significant milestone: it is now able to bootstrap LLVM, Clang, and itself and pass all tests on x86-64 Linux and FreeBSD with the speed expected of an LLVM project. Read more

Altair to Open Source PBS Professional HPC Technology in 2016

“Altair’s open source contribution is valuable and will help advance the work of the OpenHPC Collaborative Project,” said Jim Zemlin, executive director at The Linux Foundation. “By working together to build and extend new technologies for the world’s most complex computing systems, Altair and other members of OpenHPC can accelerate exascale computing.” The open licensing system is scheduled to be released to the open source community in mid-2016. Read more