Introduction

Creating a FOSS tool that helps with cyber security is not hard. Automating boring and labour-intensive work saves you time and money: time you can invest in activities that are very hard to automate.

Thousands of good FOSS tools have been created over the past 30 years that automate various tasks needed for a healthy security management process. However, only some FOSS tools are really sustainable and usable, and FOSS cyber security tools often introduce new security risks themselves. So it is important that FOSS security tools, too, are created with a security-by-design mindset.

Millions of different FOSS cyber security products have been published and are available, so the collection in this publication is a very opinionated selection. The core selection criteria are:

  • The product must have a valid FOSS license, that is, an OSI-approved license.

  • The security product must be active and meet a minimal quality level.

  • The security product must have a version-controlled source repository that is publicly readable and has a URL. Ideally, of course, all projects would meet the minimal requirements outlined in the OpenSSF Best Practices Badge Program. But despite endless energy and effort, this program is still not widely known.

Security Solutions