Free and Open Source Security Tools

Problem Statement

Security breaches are costly, both in terms of money and reputation, yet nonprofits have limited budgets. This session will introduce some free and low-cost tools to help address your security needs.

Security is a broad category encompassing a number of specific domains. Intrusion detection systems continuously monitor networks and systems for alarming activity. Application security refers to software development and management practices that reduce vulnerabilities, such as sanitizing input with web applications. Nonprofits that accept credit cards generally need to deal with PCI compliance, which means meeting the Payment Card Industry Data Security Standard (PCI DSS).

There are numerous free and open source security software packages to meet different types of security needs. Bro is a widely used open source network security monitoring tool. BeEF, the Browser Exploitation Framework, is an open source penetration testing tool for web applications. Some proprietary applications also have free editions. Metasploit, the Swiss Army knife of penetration testing, offers a free community edition, as does Burp Suite.

This session will provide an overview of available free and open source software tools with some suggestions about how your organization can leverage them to meet your security needs.

Wendy Edwards
The American Society for the Prevention of Cruelty to Animals (ASPCA)