Open source security tools and software

Open source security tools offer numerous benefits to enterprise security, but they can also come with their own vulnerabilities. Here you'll find news, expert advice, learning tools and white papers on Snort, Nmap, Nessus and other popular open source security tools.

New & Notable

Download this free guide

Instant Download: Building an Incident Response Action Plan

77% of organizations admit they don’t have a formal cybersecurity incident response plan (CSIRP) that is applied consistently across the organization, according to IBM. If you’re one of them, here’s everything you need to know about building an efficient incident response action plan.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Open source security tools and software News

March 28, 2019 28 Mar'19
Ghidra update squashes serious bugs in NSA reverse-engineering tool

The NSA answered lingering questions around what kind of support it would provide for Ghidra after releasing the tool as open source with a patch that fixed serious bugs.
March 15, 2019 15 Mar'19
Despite reservations about NSA's Ghidra, experts see value

The NSA's reverse-engineering tool, Ghidra, was released to the public and despite some initial concerns experts are generally bullish on the prospects for the free software.
March 06, 2019 06 Mar'19
NSA releases Ghidra open source reverse-engineering tool

The National Security Agency launched its highly anticipated reverse-engineering tool, Ghidra. The free software offers features found in high-end commercial products.
February 25, 2019 25 Feb'19
WinRAR bug found and patched after 19 years

A WinRAR bug that affects every version of the app over the past 19 years was discovered and patched. But it's unclear if the millions of the app's users will get the needed fix.

View All News

Open source security tools and software Get Started

Bring yourself up to speed with our introductory content

What it takes to be a DevSecOps engineer

To address security early in the application development process, DevSecOps requires a litany of skills and technology literacy. Learn what it takes to be a DevSecOps engineer. Continue Reading
How does AttackSurfaceMapper help with attack surface mapping?

A new open source pen testing tool expedites attack surface mapping -- one of the most important aspects of any penetration testing engagement. Continue Reading
Wireshark tutorial: How to use Wireshark to sniff network traffic

Learn how to use the Wireshark packet analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer for network traffic analysis and inspection. Continue Reading

View All Get Started

Evaluate Open source security tools and software Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

DevOps security checklist requires proper integration

There are a lot of moving parts to adding security into a DevOps environment. Using application testing DevOps security tools are key to the equation. Continue Reading
Challenges and benefits of using the Mitre ATT&CK framework

Taking the first step might be the biggest hurdle to using the Mitre ATT&CK cybersecurity framework. Find out more about the benefits, challenges and how to get started. Continue Reading
Should I use GitHub's new private repositories?

Is GitHub's new private repositories service robust enough to serve the needs of enterprises? Nick Lewis examines what works -- and what doesn't. Continue Reading

View All Evaluate

Manage Open source security tools and software

Learn to apply best practices and optimize your operations.

Build an agile cybersecurity program with Scrum

Scrum's core principles translate well into an agile cybersecurity program setting. Learn how this framework bolsters communication and collaboration within infosec teams. Continue Reading
How to put AI security to work in your organization

Countering cyberthreats through human effort alone is impossible; you need to add AI and machine learning products to your security program. Here's how to get started. Continue Reading
AI, machine learning in cybersecurity focused on behavior

Artificial intelligence, and machine learning in particular, is being fruitfully employed in IT security tools. Learn where this advanced technology works best now. Continue Reading

View All Manage

Problem Solve Open source security tools and software Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How does a WordPress SEO malware injection work and how can enterprises prevent it?

Security expert Nick Lewis explains how to prevent WordPress SEO malware injection attacks that rank the attacker's search engine results higher than legitimate webpages. Continue Reading
How can attackers exploit a buffer underflow vulnerability?

A buffer underflow was found to be caused by a vulnerability in strongSwan's open source VPN. Learn how this is possible and how attackers can exploit it with Judith Myerson. Continue Reading
GD library: How did it open the Junos OS to attacks?

The GD library used in the Junos operating system has opened Junos up to attacks. Nick Lewis explains how it happened and what it means for companies using open source software. Continue Reading

View All Problem Solve