The Value of Open-Source Cybersecurity Software and Why Tomorrow’s Experts Need to Learn How to Implement It Today
The education arena needs to be cognizant of how the industries students are sent into operate. No school should operate in a vacuum of teaching what they think is important apart from what is happening in the commercial sector. Students need to be trained for all variables, and this is especially true in the computer science and cybersecurity arenas where technologies and capabilities change at breakneck speeds.
One area that is lacking in most computer science higher education courses is the plethora of open-source software applications that can be utilized within organizations to accomplish many of the same tasks their commercial counterparts offer.
Every organization needs many different software applications to accomplish its mission. There are programs for financial operations, meeting organization, communication, and many other commonly used tools for everyday business.
Among these tools are applications designed to protect the network and individual computers, and to test the security of the network to see how well it would hold up against a real-world attack. Many commercially available tools can be used to keep hackers at bay. But most organizations do not consider including some of the open-source variations of these tools; the commercial flavors hold the lion’s share of the market. Unfortunately, it can be very expensive to utilize full-blown commercial applications due to the upfront cost, regular license renewals, and fees for the latest exploit signatures. These fees tend to price smaller organizations out of the market and lead to them using little to no security software.
Barring the use of anti-virus, smaller companies tend to cross their fingers and hope their network never ends up on a hacker’s radar. Their budgets simply cannot withstand the necessary expenses, unless they consider the use of open-source software. The challenge is that several prejudicial assumptions are stacked against open-source software and hinder its more widespread use. Students studying the field of cyber security should be taught about all available capabilities and about what to expect in the corporate arena should they need to implement a network security posture on a smaller budget.
Common Challenges to Open-Source Software
Senior leaders within an organization tend to think that open-source software is always malicious or that it has some bad code hidden within the application that will strike when least expected. Because of this fear, they shut down any request to install this category of application. This fear can be assuaged by using well-known open-source applications that are used by security professionals around the world, and this is not a short list.
To be fair, there are certainly malicious applications all over the internet, but a small amount of research will bring the legitimate ones into focus.
Another challenge that needs to be overcome is that leaders think free software means it will not have any of the capabilities that the more expensive counterparts tout. This is almost always false.
For example, most vulnerability scanners, both freely available and expensive, have many of the same features and capabilities. Some certainly have unique features, but the bedrock capabilities of scanning ports to look for a vulnerable application are available in virtually every network security scanner.
It should also be noted that hackers do not typically pay for software. They either use open-source, code something themselves or steal the license key for a well-known commercial application. The latter is less common today as many developers have made license theft much more challenging than it was two decades ago when everything was available on Russian websites. It would be valuable to use the same tools the hackers are using because those are the tools they are going to throw at your network when you become their target.
But there is one particular concern that is fair to consider in this arena. Perhaps the only real challenge with open-source software is that there is rarely any formalized technical support. Most support comes in the form of online forums and discussion boards where other users post their solutions to common problems or provide configuration guides.
This is a fair concern as necessary software should function well and provide its users with exactly what they need. But there is an easy fix for this problem. Computer scientists are savvy technicians who are capable of tweaking the code of applications or working around deficiencies to get the job done. They can handle the maintenance and support of the application; it is part of their education and training.
What Open-Source Tools Should Cybersecurity Instructors Learn to Teach?
Leaders rely on the expertise of their security teams to recommend the best posture for protecting the network. The more one knows about what is available, the better they will be able to inform those at the top. Pitching the CEO to spend $30,000 on the latest firewall usually does not go well. That is a big price tag. Contrastingly, explaining how a good Linux system can function as a powerful firewall at a fraction of the cost will make it easier to secure approval. We do not have to break the bank to secure the network.
The best available tools to conduct vulnerability assessments, penetration tests, or many of the other common network security-related tasks conducted in this arena are open-source and freely available. Applications like Netcat and Nmap are used to find open ports and map out different portions of a network. Wireshark is used to analyze packets, both normal and nefarious. Metasploit is used to actively exploit vulnerable systems and establish a solid foothold.
Each of these tools is in the open-source space and has been used for many years as the de facto standard for what it brings to the table, and each has been included in formal and informal education settings for more than a decade.
The open-source community has proven its capabilities and should not be summarily dismissed, in schools or corporations, on the grounds of not being part of a formalized commercial product.
Cybersecurity professors should make this topic a common one in their lectures to provide a wider breadth of understanding for future cybersecurity professionals. We cannot afford to graduate students who are unaware of this critically valuable capability. Open source is not always the best solution but when it can provide the necessary capability without breaking the budget, it should be considered. Students should be aware of this reality and be educated to understand that a cookie-cutter approach of leaning on commercial applications is not always the best methodology. Even in the cyber security realm, creativity and flexibility are valuable skills that keep networks secure.
Cloud Labs for Network Security, Firewalls, and VPNs
The cybersecurity Cloud Labs for Network Security, Firewalls, and VPNs provide fully immersive mock IT infrastructures with live virtual machines and real software, where students will learn and practice the foundational information security skills they will need to excel in their future careers.
About the Author:
Dr. Gene Lloyd is an adjunct professor at Liberty University. He teaches computer science and cyber security programs for undergraduate and graduate students with a focus on applied cryptography, digital forensics, ethics, legal issues and policies, web security, ethical hacking, security operations, risk management, network security, access control systems, and advanced topics in computer security.