The security department relies almost entirely on tools to get the job done, and for most tasks there are plenty of solutions to choose from. But what if you can’t invest in tools for the security department? Is open source an alternative? Let’s build a security department purely on open-source tools.
Security Operations Center
The typical functions of a Security Operations Center are to detect and to respond.
To detect a security incident you need a monitoring (SIEM) solution. AlienVault OSSIM, Elastic SIEM, and SIEMonster are some of the major open-source players. Most of the time these are limited editions of a commercial product. For example…