The place to Discover the Finest Open Supply Safety Know-how

Prior to now decade or so, open supply software program has turn out to be a important element of many firms’ tech stacks. The proliferation of cloud computing and synthetic intelligence (AI) accelerated this development, making open supply tasks similar to Kubernetes, TensorFlow, Jenkins, and OpenCV extra engaging to builders and infrastructure groups alike.

And safety operations are not any exception. Open supply software program has discovered its method into cybersecurity engineering and operations. Snort, OpenSSL, Yara, Wireshark, and many others., are sometimes present in organizations’ arsenal of safety instruments. Open supply is now basic to safety operations, and constructing, supporting, and utilizing open supply instruments is an integral a part of InfoSec tradition.

To raised observe the proliferation of open supply software program in cybersecurity infrastructure and functions, Andrew Smyth of Atlantic Bridge and I created The Open Supply Safety Index as a free useful resource for builders and safety engineers to search out and establish the most effective open supply safety expertise. The index lists the highest 100 hottest and fastest-growing safety tasks on GitHub. We emphasize quick rising as we consider fashionable safety operations are totally different from safety prior to now, when most deployments occurred on-premises. As such, lots of the fast-growing OSS tasks are newer initiatives designed for contemporary infrastructure environments.

To construct this index, we use the GitHub API to tug tasks primarily based on tags and subjects, and manually added tasks that lack labels. To constrain our scope, we restricted the search to tasks which are thought-about direct safety instruments. People who have safety implications however fall extra into infrastructure capabilities, similar to Terraform, Elastic, Istio, and Envoy, will not be included right here.

How We Ranked the Entries

As soon as we had the uncooked record, we ranked entries primarily based on an “Index Rating,” which is a weighted common of six metrics retrieved from GitHub. They embrace:

  • Variety of stars: 30%
  • Variety of contributors (excluding bots and nameless accounts): 25%
  • Variety of commits the undertaking had within the final 12 months: 25%
  • Variety of watchers: 10%
  • Change within the variety of watchers during the last month: 5%
  • Variety of forks: 5%

Primarily based on this scoring methodology, we record the highest 100 GitHub tasks on the The Open Supply Safety Index web site. The index is an evolving, dwell undertaking. We are going to refresh the info month-to-month to maintain the record present.

Whereas the highest 25 record consists of acquainted instruments like Metasploit, Wireshark, and OS Question, there are additionally comparatively new entrants, similar to Cilium, Checkov, and Calico, which are designed particularly for contemporary and cloud-native infrastructure.

Trying throughout the highest 25 record, a number of fascinating developments emerge. They’re:

  • Assault and red-team open supply instruments stay widespread: Tasks that present efficient assault and testing instruments are prominently positioned on the record. Metasploit, OSS Fuzz, Atomic Pink Staff, and Zap are a number of examples.
  • Safety for contemporary infrastructure is gaining recognition: Not like conventional safety utilities, tasks similar to Cilium, Trivy, Calico, and Sysdig have gotten more and more widespread. These tasks are designed to work with newer, cloud-native infrastructure, similar to Kubernetes, containers, and microservices. The truth that these tasks are listed among the many hottest reveals that cloud computing is now mainstream with safety operations.
  • Automation and “as-code” workflow utilities have emerged: It is also price noting that tasks that allow automation and “as-code” workflows have additionally appeared within the high record. For example, Nuclei, a undertaking that focuses on vulnerability-management-as-code, is a fast-growing undertaking utilized by bug researchers, pink groups, and defenders. Sigma is one other undertaking that permits automation and sharing of assault detection strategies.

We consider that the evolution of open supply safety (OSS) will observe the identical trajectory as enterprise infrastructure in embracing OSS fashions. An rising variety of safety practitioners select open supply as a basic technique due to its extensibility, flexibility, and transparency of implementation. As well as, refined safety groups have adopted the “shift-left” mindset, the place managing safety insurance policies and operations is like managing “code.” To this finish, an open supply technique offers a transparent benefit in contrast with the normal method of creating and deploying proprietary software program artifacts.

We created this index as a result of we had a difficult time discovering a very good, consultant record of open supply safety tasks. Though imperfect, this index represents a place to begin to construct a structured and complete record of significant open supply instruments for safety practitioners to think about. We labored with many open supply creators to construct this record, and we welcome suggestions at @OSecurityIndex.

Leave a Reply