Saturday, May 10, 2008

Skepticism about opensource security tools

There is an interesting question in LinkedIn: Why corporations are so skeptical about open source security tools even if they are backed by commercial support contracts?
My answer was as follow:
I think that at this time the corporations could not be skeptical because there are a lot of successful companies using opensource tools, even more in the security field the opensource tools are offered for free but the service and specialized support have a cost, so you can see a very clear business model. On another hand, when you have to reduce your risk you have to choose the right solution according to your invesment level and so you have opensource security solutions cheaper than some (not all and depends on the case) licensed security solutions. For instance, compare mod-security with F5, mod-security is being a strong competitor in the application firewalls field.

- Ricardo Seguel P.

No comments: