Language Selection

English French German Italian Portuguese Spanish

Open-Source Security Tools Touted at InfoSec

Filed under
OSS
Security

A well-known security consultant on Tuesday urged cash-strapped businesses to consider using free, readily available open-source security tools and applications to help cope with the rising spate of malicious hacker attacks.

In what has become a recurring theme at this year's InfoSec World conference here, president and principal consultant at Sph3r3 LLC Matt Luallen said enterprises must embrace the same hacking tools used by the bad guys to find potential faults and vulnerabilities within critical information infrastructure.

"You can use open-source applications alongside commercial applications [to cut down on costs]," Luallen said during a show-and-tell with dozens of toolsets that can handle anything from fault identification to spam detection to incident response.

"There are some open-source utilities that blow away commercial products, and you should take advantage of them."

"Some of these tools work so well that, at the very least, you should start evaluating them for widespread use in your organization," Luallen said, seeking to dismiss fears that the absence of product support when using open-source utilities could be a deterrent.

"These open-source tools have better product support-it's called Google Groups. If you do a search on Google Groups, in most situations, you'll have an international community available with answers round-the-clock."

"I'm not here to tell you that you should get rid of commercial products. There are some fantastic commercial products out there. However, in many cases, it is practical, cheaper and even better to look for an open-source alternative," Luallen said.

"Remember, the attack utilities are open-source as well. It's important that you understand the tools the bad guys are using to find holes in your system. You have to use those tools, too, and find the same faults."

Full Story

More in Tux Machines

The 2016 Open Source Jobs Report

Red Hat News

  • Want to work in Release Engineering in Europe?
    Red Hat Release Engineering is hiring in Europe.
  • Red Hat targets midmarket with Keating, Tech Data partnerships
    Red Hat Canada has unveiled a new approach to reach the lower end of the enterprise and the upper midmarket in partnership with Keating Technologies and Tech Data Canada. Under the program, Keating will work with the vendor to uncover and qualify leads in the $500 million to $1.0 billion market. Once fully developed, those leads will be handed over to existing Red Hat Canada partners to close the deal, and will be fulfilled through Tech Data.
  • Gulf Air creates private cloud to support open-source big data engine
    Bahrain’s national carrier is using Red Hat Enterprise Linux, Red Hat JBoss Enterprise Application Platform, and Red Hat Storage as a platform for its Arabic Sentiment Analysis system, which monitors people’s comments through their social media posts.
  • Fedora Pune meetup April 2016
    I actually never even announced the April meetup, but we had in total 13 people showing up for the meet. We moved the meet to my office from our usual space as I wanted to use the white board. At beginning I showed some example code about how to write unittests, and how are we using Python3 unittests in our Fedora Cloud/Atomic images automatically. Anwesha arranged some soft drinks, and snacks for everyone.

Android Leftovers

“LEDE” OpenWrt fork promises greater openness

A “Linux Embedded Development Environment” (LEDE) fork of the lightweight, router-oriented OpenWrt Linux distribution vows greater transparency and inclusiveness. Some core developers of the OpenWrt community has forked off into a Linux Embedded Development Environment (LEDE) group. LEDE is billed as both a “reboot” and “spinoff” of the lightweight, router-focused distribution that aims to build an open source embedded Linux distro that “makes it easy for developers, system administrators or other Linux enthusiasts to build and customize software for embedded devices, especially wireless routers.” Read more