Jump to content

How do open source tools stay secure?


securitybreach

Recommended Posts

securitybreach
The security of open source code have been in the news lately, what with Heartbleed, Shellshock, and Poodle. And the world has been learning that open source code is now widely used everywhere, from big enterprises to small businesses. As someone who has spent many years working with open source tools, I was happy to present a webinar recently on the urgent and important issue of how to keep them secure. You can watch and hear the recorded webinar in the player below.

 

Topics that I talked about include how the open source world works, and how code sprawl creates opportunity for fast progress, security holes, new forks, and constellations of psuedo-related things that form a “program”. I also talk about whether the open-source model is secure. Is closed-source more secure? Does open source scale to enterprise security? I looked at a couple of recent exploits and vulnerabilities (and headlines). I also reviewed what I call the “Enterprise open-source security toolbox” which includes: Puppet/Chef – server build control/automation; Git/SVN/CVS – version your code to manage it; Surricata/Snort IDS/IPS – share rules to community; ELSA/Syslog frameworks – centralized log management; and Nessus/OpenVAS – scan your boxes....

 

Author Cameron Camp, ESET

http://www.welivesec...ls-stay-secure/

 

You have to register to listen to the ESET talk 0:55:46.

 

I keep waiting for Goretsky to pop in and speak...

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...