Open Source Solutions

Discover open source cyber security solutions supported by the community.
Enhance your cyber security strategy and technical understanding with these tools.

Page Overview

We believe it’s important to understand the available solutions and not just rely on what is offered by one commercial vendor or another.

This doesn’t mean that the products offered by these vendors are not good, but it’s essential to assess their effectiveness and how they operate from a neutral standpoint.

That’s why we’ve gathered various tools to help you do just that.

All the products featured here are open source and free to use (please note the usage and licensing terms attached to each product), allowing you to examine and assess for yourself what the solution does, how it is built and how it operates.

You can access the vendor or project website directly from this page as well as watch videos that review and explain the product and how to use it.

Endpoint Protection

ClamAV

ClamAV is a free and open-source antivirus tool that is distributed and maintained by Cisco Talos and can run on many different operating systems.

ClamAV is a classic antivirus tool: it scans files and uses its signature database to determine whether a file contains malicious code.

ClamAV is used mainly as a “second opinion” in addition to another antivirus tool.

ClamAV

Windows

Linux

macOS

OpenBSD

FreeBSD

HP-UX

Solaris

OpenEDR

OpenEDR is a widely used free (with limited features) and open-source Endpoint Detection and Response platform.

It is designed to provide visibility into both endpoint and network activity, but it can also provide other functions such as an antivirus (by Comodo), a host-based firewall and more.

Network Protection

pfSense

pfSense (Community Edition) is a widely used free and open-source Next Generation Firewall and router that is distributed and maintained by Netgate and is based on the FreeBSD Unix-like operating system.

pfSense is first and foremost a firewall, and its main function is to filter inbound and outbound network traffic. However, being a Next Generation Firewall, pfSense can also support other functionality such as IDPS, VPN, proxy and more.

Snort

Snort is a widely used free and open-source Intrusion Detection and Prevention System (IDS/IPS) that is distributed and maintained by Cisco Talos and can run on many different platforms and operating systems.

Snort monitors network traffic to identify potentially malicious activity or policy violations, and then takes appropriate action to stop those activities.

Snort can use either community-based rules (free) or subscriber rules (paid).

PacketFence

PacketFence is a free and open-source network access control solution that is distributed and maintained by Inverse and is based on the Debian Linux operating system.

PacketFence's main purpose is to restrict unauthorized users and devices from gaining access to a network.
It does that by leveraging technologies such as captive portal, VPN management and the 802.1X protocol.

OpenVPN

OpenVPN is an open-source virtual private network (VPN) solution that creates secure point-to-point or site-to-site connections.

It uses custom security protocols (OpenVPN) to establish secure connections over the internet, providing encrypted access to network resources.

Encryption

VeraCrypt

VeraCrypt is a free and open-source encryption tool for files, external devices and operating systems that is maintained and distributed by IDRIX and can run on different operating systems.

VeraCrypt can create an encrypted container that can store files, encrypt mass storage devices and encrypt the entire operating system.
It supports the highest encryption and hashing standards like AES and SHA.

KeePass

KeePass is a free, open-source password manager that securely stores and manages passwords in an encrypted database.

It can generate strong passwords and lets you access them with a single master password or key file, providing secure and convenient password management.

SIEM / XDR

AlienVault OSSIM

AlienVault OSSIM is a free, open-source Security Information and Event Management (SIEM) tool.

It is the free version of USM Anywhere from AT&T, which also maintains AlienVault OSSIM as Debian-based software.

A Security Information and Event Management (SIEM) tool is built to collect logs from different sources such as network sensors, cloud environments, endpoints, servers and more, and aggregate them into a single-pane-of-view dashboard.

Wazuh

Wazuh is an open-source security monitoring platform that offers intrusion detection, log analysis, and compliance capabilities.

It uses agents to collect and analyze log data across different operating systems and environments. It provides a centralized management server and customizable rules, as well as real-time threat detection and compliance monitoring.

Email Security

Proxmox Mail Gateway

Proxmox Mail Gateway is a widely used free and open-source secure mail gateway.

It is distributed and maintained by Proxmox and is based on the Debian Linux operating system.

Proxmox Mail Gateway is a server that relays email traffic from the internet to the email server and vice versa.

It scans every email before forwarding it to prevent spam, malware and phishing.

Vulnerability Assessment

OpenVAS

OpenVAS (Open Vulnerability Assessment System) is an open-source vulnerability scanner and manager, distributed and maintained by Greenbone, that detects security issues in systems and networks.

It can perform unauthenticated and authenticated testing and can use various high-level and low-level internet and industrial protocols to provide a comprehensive vulnerability assessment.

Data Protection (Backup)

Duplicati

Duplicati is an open-source backup client that securely stores encrypted, incremental, compressed backups on cloud storage services and remote file servers.

It supports various backup destinations and encryption methods and offers both data protection and recovery capabilities.