Open-Source Security Technology Joins Endangered List

Snort creator SourceFire has been acquired by Check Point. Nessus creator Tenable plans to turn its products into a closed-source license. What does this mean for open-source security?

October 21, 2005

1 Min Read
NetworkComputing logo in a gray background | NetworkComputing

First, SourceFire--which developed the open-source IDS Snort and commercial products based on it--was acquired by Check Point. Both Check Point and Snort developer Martin Roesch have said the open-source code base will still be enhanced, but users are waiting to see whether the acquisition will mean changes in SourceFire support.

Next, Tenable, developer of the Nessus vulnerability scanner, announced that future versions will not be open-source and that support for existing open-source versions will be limited, noting that its open-source experience had been one way rather than give and take. Within five days, a code-fork project was announced to continue open-source development based on existing Nessus code.

The moral is that heavy reliance on open source carries risk, and that the greatest insurance policy for open-source technology is participation by a large number of users and developers. If you're thinking of using open source, keep a close eye on what happens to both Snort and Nessus.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights