The open source ‘R’evolution

An open source approach to security can bring benefits in terms of time to react to threats and a wider base of knowledge

Tags: Open sourceSourcefire (
  • E-Mail
The open source ‘R’evolution Perridge: Open source has a long and successful history, and it can be leveraged for security purposes as well.
By  Anthony Perridge Published  May 10, 2014

The concept of open source software has been around since the early ‘80s, beginning as a way for computer science academics and corporate researchers to work in collaboration to build great software to address new challenges.

As technology adoption spread in the 90s,interest in the ‘open’ approach continued to grow as users also recognised the value side of the equation.Not only were they gaining access to software that had the benefit of a community of engaged and interested minds working together to continuously improve it, but open source saved costs. As corporate networks expanded another benefit emerged. Open source enabled agility — organisations could more easily integrate complementary applications and services into their environments to respond to new business imperatives and expand capabilities for their users.

More recently, in the context of cybersecurity, open source is a foundational way to solve complex problems. In today’s environment where the exploitation of trust is a common mode of operation for online attackers, and where customer trust in the integrity of products is also on the line, open source is gaining further inroads.

Modern corporate networks extend beyond the traditional perimeter to include data centres, endpoints, virtual, mobile and the cloud. These networks and their components constantly evolve and spawn new attack vectors including: mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers and home computers. Attackers are taking advantage of gaps in protection to accomplish their mission. They also go to great lengths to remain undetected, using technologies and methods that result in nearly imperceptible indicators of compromise.

Open source is a valuable tool for defenders as they work to close these gaps and to gather greater intelligence about potential threats to make better decisions and take action. Let’s take a closer look at the role of open source in these two areas:

Closing security gaps
Reducing the attack surface is essential as organisations strive to protect against the latest sophisticated threats. Waiting for updates from vendors to close vulnerabilities isn’t realistic when high-value assets are at stake and attacks are relentless. For organisations creating their own custom applications, the ability to detect and protect these applications is even more challenging. An open approach can help organisations close security gaps faster with the ability to create protections on their own or apply shared best practices and tools.

Gaining greater intelligence
To deal with dynamic environments organisations need access to global intelligence, with the right context, to identify vulnerabilities and take immediate action. An open architecture facilitates the sharing of real-time threat intelligence and protections across a vast community of users for collective immunity. It also streamlines integration with other layers of security defenses added as IT environments and business requirements change, thus enabling more effective, coordinated protection.

In the realm of technology, open source has a long history and a legacy of success. Based on the tenets of community, collaboration and trust, it is an approach that delivers stronger solutions, addresses complex problems and demonstrates technical excellence, innovation and dependability. The applications and benefits of open source will continue to evolve and grow. Educators are using open source as a way to inspire up-and-coming technologists. It enables students to learn by doing. With a next generation of minds focused on next-generation technology challenges, open source will continue to revolutionise the way we overcome obstacles and create opportunities.

Anthony Perridge is EMEA Channel Director at Sourcefire, now a part of Cisco.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code