Open Source Security Software: Takeaways from a Case Study on DIY Fatigue

We are staunch advocates of open source security software, but it’s worth pointing out the do-it-yourself (DIY) approach sometimes comes with hidden costs. Typically, this comes in the form of lost time, where DIY security tools can require significant maintenance effort that comes at the cost of time spent defending the organization.

That’s one of several big headaches we solve for enterprise security teams. To that end, we recently published a new case study that describes the experiences of a large media content developer that reflects this idea.

This company already employed many of the capabilities the Bricata solution provides, but their homemade system was not integrated on a single-pane-of-glass. Moreover, the company didn’t realize how much time they were spending just to maintain their DIY system – until they saw how we tightly-integrated these tools onto a single platform and took care of much of the maintenance for them.

There’s a link to the full case study at the end of this piece – and here are a few key points worth highlighting.

Open source technology doesn’t provide a complete solution.

Open source software can lull IT teams into the false sense they are saving resources. The challenge is, these tools provide a specific technology as opposed to a complete solution. In order to provide a layered defense, the team had to deploy multiple tools – all of which required continuous effort to maintain.

Sponsorships Available

Sponsorships Available

Sponsorships Available

Teams spend more time maintaining tools than securing the network.

To be clear, open source security software is extremely powerful and effective, but the task of maintaining these technologies requires constant attention. Teams can find themselves spending more time maintaining their open source toolset than they do protecting the network.

Some of the standup tasks include:

• Specifying and acquiring hardware for the sensors and associated database;
• Identifying and procuring sources of IPS threat intelligence;
• Deploying the hardware, installing and configuring the software, and loading the threat detection signatures; and
• Staying vigilant on updates and patches to drivers, software and signatures.

Some operational tasks include:

• Monitoring system availability, performance and capacity;
• Maintaining security signatures and policies; and
• Troubleshooting system issues.

May lack integration and ease-of-use.

Even after all that effort, some do-it-yourselfers find their system can lack integration and are challenging to use. That’s what made Bricata so appealing to this media content developer: their favorite open source security tools were all integrated onto a single platform, working seamlessly together so, it’s easy-to-deploy, easy-to-maintain and easy-to-use.

* * *

The full case study is freely available for download – no registration is required: Eliminating DIY Fatigue in Network Security (opens in PDF).

If you enjoyed this post, you might also like:
3 Cool New Network Security Features in the Bricata Platform you Might have Missed

Recent Articles By Author

• Network Visibility is Foundational to Cyber Security’s Vital Few
• Network Visibility is Foundational to Cyber Security’s Vital Few
• The Critical Role of Network Detection and Response in Improving Enterprise Security [Q&A with Vito Rallo of PwC]

More from Bricata

*** This is a Security Bloggers Network syndicated blog from Bricata authored by Bricata. Read the original post at: https://bricata.com/blog/open-source-security-software/