5 open source security tools too good to ignore
Open source is a wonderful thing. A significant chunk of todays enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, thats changing. If you havent been looking to open source to help address your security needs, its a shameyoure missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. Open source has always been a rich source of tools for security professionalsMetasploit, the open source penetration testing framework, is perhaps the best-knownbut information security is not restricted to the realm of researchers, investigators, and analysts, and neither are the five open source security tools we survey below. IT administrators and software developers have a key role to play, and with these five tools, they can make a difference. Commit Watcher: Check code repos for secrets Secrets dont belong in open source repositories, but that doesnt stop absentminded developers from storing them there. Weve all read the reports of people accidentally exposing private Amazon Web Services keys, hard-coded passwords, or API tokens by uploading them to GitHub or other code repositories.
Read Full Article at http://www.computerworld.com.my/resource/applications/5-open-source-security-tools-too-good-to-ignore/