For organizations building a security operations practice, open-source tools are a great place to start. The software is often free to use so it’s a low-risk way for teams to dig into practice areas and associated technologies in order to better understand their requirements and needs. But when it’s time to put that capability into production, they quickly find the total cost of ownership (TCO) can far exceed the TCO of an enterprise-ready solution. This is especially true if it is a platform and core aspect of the security architecture versus just a tool. I gained experience in this realm during my time at Sourcefire, a company founded by my friend (and, full disclosure, ThreatQuotient Board member) Marty Roesch to take open-source Snort, one of the seminal tools of the security industry, and package it for the enterprise.

Read More >

Share This