Tools of the trade
Let’s face it, security in an organisation can be expensive. You need corporate antivirus, firewalls, a SIEM, a Vulnerability Management solution and of course, that NextGen Threat Analytics and Attack Simulating Toaster (NGTAAST™). Congratulations, you’ve just racked up over a million dollars’ worth of gear. If you are a large corporation with large security budgets, that’s great! Chances are, these controls are legitimately useful for you and help with your day-to-day defence. However, if you are a smaller company, the reality is that you have very finite resources to stop the exact same adversaries that threaten large corporations.
The good thing for smaller companies is that it’s not just black and white. You don’t have to choose between having the best AV or none at all. There are many free and open source tools available that can help if not completely replace paid software. What I love about the infosec industry is that it is full of people who truly care. They write and release software not for money, but to make a difference in the world. Let’s take a look at some of my favourite free and/or open source tools.