Free and Open Source Security Tools

Security is a broad category encompassing a number of specific domains. Intrusion detection systems continuously monitor networks and systems for alarming activity. Application security refers to software development and management practices that reduce vulnerabilities, such as sanitizing input with web applications. Nonprofits that accept credit cards generally need to deal with PCI compliance, which means meeting the Payment Card Industry Data Security Standard (PCI DSS).

There are numerous free and open source security software packages to meet different types of security needs. Bro is a widely used open source network security monitoring tool. BeEF, the Browser Exploitation Framework, is an open source penetration testing tool for web applications. Some proprietary applications also have free editions. Metasploit, the Swiss Army knife of penetration testing, offers a free community edition, as does Burp Suite.

This session will provide an overview of available free and open source software tools with some suggestions about how your organization can leverage them to meet your security needs.