Open-source software that is free to download, deploy and modify is a vital component in the fight for cyber security. Freely available software not only helps defend systems that would otherwise be unprotected, but it also allows people to learn and develop vital cybersecurity skills. In this post, we review how Cisco Talos supports open-source software and initiatives.
The adoption of the early World Wide Web was greatly helped by free software. The GNU Project and the Apache Software Foundation released programs allowing anyone to create their own webserver. Administrators and engineers could practice and hone their skills in operating and developing on the platform, leading to a motivated, self-trained workforce that could apply their skills.
Open-source software helps drive innovation. Depending on the terms of the license, open-source software can be incorporated into new software packages and services. This allows innovators to focus on providing new functionality and solving problems without having to spend valuable development time replicating perfectly good software that is already available.
Developers need and deserve recompense; everyone needs to eat and pay their bills. However, open-source software is often developed as a non-commercial endeavor to solve a particular problem or to provide functionality that is too important to be left to the whims of private commerce. The inclusion of open-source software in other projects and services can help open-source developers fulfill objectives in spreading the open-source creed, through solving a problem well or supporting the wider community. Often, the success of an open-source project can bring employment opportunities to those who are skilled in developing or maintaining the original software, or commercial licensing opportunities.
Cisco and Talos are committed to protecting the internet. One of the ways that we achieve this is by publishing open-source tools to enable users to protect systems, to learn about how to detect and block threats, and by providing educational content to help train the future cyber security workforce.
The Cisco Networking Academy has trained over 20 million students in 190 countries helping people learn and gain employment in network and security. Through the Skills for All initiative, the academy offers free training and courses to help anyone build, deploy and secure technology as well as forge a career.
Open-source security tools provide learning and development opportunities, but most importantly allow the wider security community to contribute to the global fight against cyber threats. For many systems across the planet, open-source solutions are the only protections stopping systems from becoming compromised.
In addition to all our open-source tools, Talos has a whole range of tools, including ransomware decryptors, and data available on our GitHub repository. Providing open-source security software for free and supporting the community that works with these tools allows us to fulfill our mission to protect the internet and make life difficult for the bad guys.
Snort is Talos’ open-source IDS/IPS system, which detects network-based threats and helps troubleshoot network issues. Commercial licensing allows Snort to be integrated as part of third-party solutions. Licensed solutions are deployed on over 450,000 systems across the globe, which in turn are likely to protect further systems downstream.
Snort dates back to 1998, having undergone continuous development and innovation over the years. The latest version of the engine released in March is the first to include machine learning capabilities, allowing Snort to learn autonomously how to identify malicious network traffic, demonstrating our continued commitment to the platform.
The open-source Snort rule base is curated and verified by Talos but largely developed by the open-source community. The twice-weekly rule release is currently downloaded by over 60 000 users.
ClamAV is our open-source anti-malware engine. This software is also widely deployed in third-party solutions and services, notably in scanning inbound email and web connections, as well as providing end-point protection. We are aware of more than 18 million installations which we are proud to help protect.
-trained defenders. Ultimately, we will succeed through sharing knowledge and tools, and most importantly supporting each other. Try out one of the Skills for Allcourses, or download one of our open-source tools. Free software offers the possibility of both developing skills and solving problems.