Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Open-Source Security Technology Joins Endangered List

First, SourceFire--which developed the open-source IDS Snort and commercial products based on it--was acquired by Check Point. Both Check Point and Snort developer Martin Roesch have said the open-source code base will still be enhanced, but users are waiting to see whether the acquisition will mean changes in SourceFire support.

Next, Tenable, developer of the Nessus vulnerability scanner, announced that future versions will not be open-source and that support for existing open-source versions will be limited, noting that its open-source experience had been one way rather than give and take. Within five days, a code-fork project was announced to continue open-source development based on existing Nessus code.

The moral is that heavy reliance on open source carries risk, and that the greatest insurance policy for open-source technology is participation by a large number of users and developers. If you're thinking of using open source, keep a close eye on what happens to both Snort and Nessus.