Open Source / Free Security Controls - Version 1.4

By Adrian Grigorof, CISSP, CRISC, CISM, CCSK
Last update: April 26, 2019


The increased maturity and level of support of open source solutions make the deployment of an open-source based security architecture a potentially viable solution for more and more organizations.

While some solutions lack the full bells and whistles that some commercial products offer, a serious analysis may show that the extra functionality does not justify the costs of the initial purchase and subsequent maintenance and upgrade expenses. A focus on efficient use of an open-source security control may result in a much better security posture than having an advanced commercial product that is not properly put to use, and unfortunately this is not an unusual scenario.

Many open-source solutions now base their business model on support contracts (optional, of course), and that may alleviate the concerns of cybersecurity managers about their ability to obtain professional support for open-source solutions. There is also a solid base of training platforms for almost any open-source product, allowing the proper training of information security staff who may have to maintain these platforms.

This chart is the first draft and it may have many gaps or may have missed some important solutions. Any feedback is appreciated as it will allow me to improve it. Some of the products/solutions mentioned are not exactly open-source (for example, the threat intelligence platforms such as IBM’s X-Force Exchange), but they do allow for free use and almost full functionality similar to paid services/products.


SECURITY CONTROL: OPEN SOURCE

Firewall: pfSense, IPFire, NG Firewall
Encryption At Rest: VeraCrypt
Container Security: Clair, Anchore, Dagda
IPS/IDS: Snort, Suricata
Host IDS: OSSEC, Wazuh
Network Monitoring: Nagios Core, Zabbix, Icinga 2
Web Application Firewall (WAF): ModSecurity, IronBee, WebKnight (MS IIS), NAXSI (for NGINX)
Identity and Access Management: OpenIAM, OpenIDM, Keycloak
Backup and Recovery: Amanda, UrBackup, Bacula
SIEM / Log Analytics: SIEMonster, Elastic Stack, OSSIM
Multi-Factor Authentication: LinOTP
Email Antivirus Gateway: MailScanner, OrangeAssassin, MailCleaner
Log Management: Elastic Stack, fluentd
Privileged Access Management (PAM): OpenPAM (Libraries for Unix/Linux only)
File Integrity Monitoring: OSSEC, Tripwire
Threat Intelligence Platform/Feeds: AlienVault OTX, IBM X-Force Exchange, Cisco Talos Intelligence
Email Antivirus: ClamAV, Armadito
NetFlow: ntop
Data Loss Prevention (DLP): OpenDLP, MyDLP
Endpoint Protection: Armadito, ClamAV
Wireless IDS/IPS: Vistumbler, Kismet
Web Filtering: E2guardian, ClearOS Open Source Filter
PKI: EJBCA, OpenXPKI
Network Security Monitor (NSM): Bro
Reverse Proxy / Load Balancer: Nginx
SSL Decryption: Mitre ChopShop, ModSecurity
Deception / Honeypots: Honeynet
VPN: OpenVPN, SoftEther, Freelan
SSL Certificates: Let's Encrypt
Patch Management: OPSI
Asset Management: Open-AudIT, Snipe-IT, Kuwaiba
Secure DNS (DNSSEC): BIND, PowerDNS
Penetration Testing: Kali Linux, Commando VM
Key Management: Vault by HashiCorp, StrongKey
Vulnerability Management: OpenVAS, Nikto
Deception / Sandbox: Cuckoo Sandbox
Change Management: iTop
Governance Risk and Compliance Monitoring: Eramba
Security Orchestration: Patrowl, TheHive, Demisto
Network Access Control: PacketFence, openNAC
Security Controls Bundles: Security Onion, Prelude
Application Security Testing: LGTM.com, Coverity SCAN, OWASP ZAP
Identity Governance & Administration: OpenIDM

Downloads:
High-definition PDF: www.eventid.net/downloads/open_source_security_controls_v1.pdf
Vector image format (SVG): www.eventid.net/downloads/open_source_security_controls_v1.svg