“Open source has solidified its position as the default base for software development. It is infiltrating almost every facet of the modern [network]. In the startup community we are seeing a continued wave of open source born companies – the next wave of Red Hat, Acquia and Ubuntu while at the same time seeing traditional IT leaders such as HP and Microsoft grafting open source DNA into their core,” said Santinelli. “In the coming years, we will see open source unlock the potential of a new generation of technologies – the Internet of Things, big data and cloud computing creating many billions in value.”
J.J. Thompson, founder and CEO at Rook Security, said open source tools are very useful for providing data enrichment to enhance the context of an attack to facilitate bucketing. Many commercial tools provide information about the IDS signature, or the origination IP, but do not glue it all together.
“Instead of trying to find a super-sized offering to do this, which none do effectively, it is often better for internal teams to glue the pieces together themselves with open sourced threat intelligence,” he said.
Additionally, scripting capture of information about the asset under attack can help security teams decide how to effectively respond based on the business criticality of the asset, he said.
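The enrichment Thompson describes, as an added example that is not from the article or from Rook Security: IDS alerts are joined with an open source threat-intelligence feed and an asset inventory, then bucketed for response. All addresses, feed entries, asset names, bucket names and bucketing rules are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (documentation address ranges, not real indicators).
THREAT_INTEL = {  # stand-in for an open source feed: network -> tags
    "203.0.113.0/24": {"scanner"},
    "198.51.100.7/32": {"botnet-c2"},
}
ASSETS = {  # stand-in for an asset inventory: IP -> (name, business criticality)
    "10.0.1.10": ("payments-db", "high"),
    "10.0.2.20": ("test-web", "low"),
}
ALERTS = [  # stand-in for IDS output: signature plus origin and target IP
    {"signature": "SQL injection attempt", "src_ip": "198.51.100.7", "dst_ip": "10.0.1.10"},
    {"signature": "Port scan", "src_ip": "203.0.113.44", "dst_ip": "10.0.2.20"},
    {"signature": "Port scan", "src_ip": "192.0.2.5", "dst_ip": "10.0.9.99"},
]
INTEL_NETS = [(ipaddress.ip_network(n), tags) for n, tags in THREAT_INTEL.items()]

def intel_tags(ip):
    """Return every tag from feed entries whose network covers this IP."""
    addr = ipaddress.ip_address(ip)
    return sorted({t for net, tags in INTEL_NETS if addr in net for t in tags})

def enrich(alert):
    """Attach threat-intel tags and asset context to one IDS alert."""
    name, crit = ASSETS.get(alert["dst_ip"], ("unknown", "unknown"))
    return {**alert, "intel": intel_tags(alert["src_ip"]),
            "asset": name, "criticality": crit}

def bucket(enriched):
    """Assign a response bucket from source reputation and asset criticality."""
    known_bad = bool(enriched["intel"])
    if enriched["criticality"] == "high":
        return "respond-now" if known_bad else "investigate"
    if enriched["criticality"] == "unknown":
        return "investigate"  # an unidentified asset is a gap, not a low priority
    return "monitor" if known_bad else "log-only"

def triage(alerts):
    """Enrich each alert and group the results by response bucket."""
    buckets = defaultdict(list)
    for alert in alerts:
        enriched = enrich(alert)
        buckets[bucket(enriched)].append(enriched)
    return dict(buckets)
```

Calling `triage(ALERTS)` returns a dict keyed by bucket name, each value holding the enriched alerts with their intel tags and asset context attached.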
As the 2003 SANS report noted, and as remains true today, enterprises should do an extensive risk and security analysis before choosing open source solutions over their closed source counterparts. The analysis should consider various factors, such as the expertise available in-house and the support options available for the respective open source product. Well-documented and well-implemented security policies and best practices help an enterprise mitigate the risks and enjoy the real benefits of open source.