Information overload#
Problem#
Keeping up to date with new threats, cyber security developments, and real innovative open solutions is impossible. There are just too many very interesting scientific papers that appear weekly, too many real nice new FOSS solutions for fighting, managing or investigating cyber security aspects. An ‘Awesome’ list on github is seldom up-to-date or maintained with clear criteria and openness as key criteria. Most of these lists sooner or later lose their value. Partly due to commercial solutions that take the overhand, or the maintenance that is needed to keep such a list up-to-date. Hundred if not thousands papers and so called ‘holy-grail’ cyber solutions are published on a weekly basis. This is just too much to be incorporated and managed in a simple list on github. Despite the good intentions.
Solution#
Use the Open Security Reference Architecture. This is a framework and community project that is more than 10 years old. Within this project solid guidance is given to solve common cyber security problems using an architecture reference framework.
Note
The Open Security Reference Architecture only referrers to open access publications that have real value for cyber professionals.
Part of this Open Security Reference framework is a sub-project to give guidance towards open cyber security solutions , FOSS cyber solutions, that have real value and can be used without strings attached. Making steps towards a world with less security threats and better protection means use what is available and make open existing solutions better. Reinventing the wheel is usually a bad practice. Cyber security has been in development for over 60 years. We need better wheels. So building upon knowledge of others has proven to be the most successful strategy since humans started with digital communication.
Cyber security risks are context dependent. However general methods to mitigate risks, prevent incidents and knowledge to create a specific Security design or architecture should not be reinvented every time. The Open Security References Architecture covers all aspects that help to speed up the process when searching a solution when creating a security architecture, design or finding a solution for a specific problem.