Short of resources, but still want to have a strong IT-security ecosystem? There are multiple open source tools on the market that small to medium enterprises can use. They can't match the capabilities of the premium tools from big vendors, which come with hefty price tags, but they still provide quite decent features without burning a hole in your pocket. We bring you the list of Top 10 Open Source or Free IT-Security Tools:
1. Security Onion (Category: Package with multiple capabilities) is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, Network Miner, and many other security tools. It is a great asset in the defender’s toolkit.
2. OSSEC (Category: IDS/IPS) is fully open source and free for your use. You can tailor OSSEC for your security needs through its extensive configuration options, adding your custom alert rules and writing scripts that take actions in response to security alerts. You are free to modify the source code to add new capabilities. OSSEC watches it all, actively monitoring all aspects of Unix system activity with file integrity monitoring, log monitoring, root check, and process monitoring.
3. Cuckoo Sandbox (Category: Endpoint Detection and Response) is an advanced, extremely modular, and 100% open malware analysis system with infinite application opportunities. By default, it is able to:
4. Nikto (Category: Application Security) is an extremely popular web application vulnerability scanner. Web application vulnerability scanners are designed to examine a web server to find security issues. Identifying security problems proactively, and fixing them, is an important step towards ensuring the security of your web servers. It checks for a number of dangerous conditions and vulnerable software. Running it on a regular basis will ensure that you identify common problems in your web server or web applications.
5. Metasploit (Category: Vulnerability Assessment) is penetration testing software from a collaboration between the open source community and Rapid7. It helps verify vulnerabilities and manage security assessments.
6. Bro (Category: IDS/IPS) is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well-grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber infrastructure. Bro's user community includes major universities, research labs, super-computing centers, and open-science communities.
7. Wireshark (Category: Package with multiple capabilities) is one of the foremost network protocol analyzers. It lets you see what's happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.
8. OpenVAS (Category: Vulnerability Assessment) is an advanced open source vulnerability scanner and manager. It is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The solution is available as Free Software and maintained on a permanent basis.
9. Kali Linux (Category: Package with multiple capabilities) is an open source Debian-based distribution that comes with pre-installed pen testing tools.
10. OSSIM (Category: Security Information and Event Management), AlienVault's Open Source Security Information and Event Management (SIEM) product, provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, OSSIM was created specifically to address the reality many security professionals face: a SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.
Which IT security tools do you use the most and find very helpful? Share with us in the comments below.