{"id":19644,"date":"2021-10-18T22:46:50","date_gmt":"2021-10-18T22:46:50","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=19644"},"modified":"2022-07-08T22:20:31","modified_gmt":"2022-07-08T22:20:31","slug":"open-source-security-tools","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/","title":{"rendered":"Best Open Source Security Tools"},"content":{"rendered":"<p>Over the past quarter of a century, the open source movement has gone from strength to strength. But that success and the openness inherent in the community have led to a major challenge \u2013 <a href=\"https:\/\/www.esecurityplanet.com\/applications\/open-source-security-a-big-problem\/\">security<\/a>. The more software that is developed, the greater the likelihood there is for <a href=\"https:\/\/www.esecurityplanet.com\/products\/vulnerability-management-software\/\">vulnerabilities<\/a>.<\/p>\n<p>To make matters worse, the <a href=\"https:\/\/www.linuxtoday.com\/\" target=\"_blank\" rel=\"noopener\">open source<\/a> world prides itself on openness and transparency. Therefore, any security vulnerabilities are disclosed publicly. In this age of organized gangs of cybercriminals, that is like placing an ad asking for an attack.<\/p>\n<p>This has given rise to a large number of open source security tools. They take care of all aspects of the management of security in open source components, examine dependencies, fix bugs in code, and lower risk.<\/p>\n<p>However, the tools themselves vary considerably in scope, sophistication, and function. The editors of <em>eSecurity Planet<\/em> find the following 20 open source security tools to be particularly useful. Some are open source, some are commercial, but all are good security options for open source environments.<\/p>\n<p>If you&#8217;re interested in learning more about Open Source Security check out this <a href=\"https:\/\/www.amazon.com\/Open-Source-Intelligence-Methods-Tools-ebook\/dp\/B07F5Y6P56\/ref=sr_1_3?crid=3TF2SWZ19YFBM&amp;amp;keywords=The+Best+Open+Source+Security+Tools&amp;amp;qid=1644815721&amp;amp;sprefix=the+best+open+source+security+tools%25252Caps%25252C298&amp;amp;sr=8-3&amp;_encoding=UTF8&amp;tag=esecurityplanet-20&amp;linkCode=ur2&amp;linkId=f7a2e52bf267e99babccfdf65e6de870&amp;camp=1789&amp;creative=9325\" target=\"_blank\" rel=\"nofollow sponsored noopener\">book<\/a>!<\/p>\n<h2>The Best Open Source Security Tools<\/h2>\n<h3>WhiteSource<\/h3>\n<p>WhiteSource detects all vulnerable open source components, including transitive dependencies, in more than 200 programming languages.\u00a0It matches reported vulnerabilities to the open source libraries in code, reducing the number of alerts. With more than 270 million open source components and 13 billion files, its vulnerability database continuously monitors multiple resources and a wide range of security advisories and issue trackers. WhiteSource is also a CVE Numbering Authority, which allows it to responsibly disclose new security vulnerabilities found through its own research. It identifies and prioritizes the most critical open source security vulnerabilities so users can fix what matters most first.<\/p>\n<h3>Metasploit<\/h3>\n<p>Metasploit covers the scanning and testing of vulnerabilities. Backed by a huge open source database of known exploits, it also provides IT with an analysis of <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-penetration-testing\/\">pen testing<\/a> results so remediation steps can be done efficiently. However, it doesn\u2019t scale up to enterprise level and some new users say it is difficult to use at first.<\/p>\n<p>Read more:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.esecurityplanet.com\/products\/metasploit\/\">Metasploit: Pen Testing Product Overview and Analysis<\/a><\/li>\n<li><a href=\"https:\/\/www.esecurityplanet.com\/products\/metasploit-framework-tutorial\/\"><span style=\"font-weight: 400;\">Getting Started With the Metasploit Framework: A Pentesting Tutorial<\/span><\/a><\/li>\n<\/ul>\n<h3>Revenera<\/h3>\n<p>FlexNet Code Aware by Revenera can find security threats and intellectual property (IP) <a href=\"https:\/\/www.esecurityplanet.com\/networks\/security-compliance\/\">compliance<\/a> issues in open source code. It scans Java, NuGet, and NPM packages. In addition, the company offers a full enterprise platform for open source security and license compliance, with support for all major software languages. It has more than 70 extensions, and a knowledge base with more than 14 million open source components.<\/p>\n<h3>Synopsys<\/h3>\n<p>Black Duck\u00a0software composition analysis (SCA) by Synopsys helps teams manage the security, quality, and license compliance risks that come from the use of open source and third-party code in applications and containers. It integrates with build tools like Maven and Gradle to track declared and transitive open source dependencies in applications&#8217; built-in languages like Java and C#. It maps string, file, and directory information to the Black Duck KnowledgeBase to identify open source and third-party components in applications built using languages like C and C++. The SCA tool also identifies open source within compiled application libraries and executables (no source code or build system access required) and finds parts of open source code that have been copied within proprietary code, which can potentially expose you to license violations and conflicts.<\/p>\n<h3>Portswigger Burp<\/h3>\n<p>Burp\u00a0Suite Community Edition by Portswigger is an open source manual version of a popular web <a href=\"https:\/\/www.esecurityplanet.com\/networks\/vulnerability-scanning-tools\/\">vulnerability scanner<\/a> used in a great many organizations. It can be used by skilled security professionals to find vulnerabilities rapidly.<\/p>\n<p>Read more:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.esecurityplanet.com\/products\/burp-scanner\/\">Burp Scanner Features &amp; Pricing<\/a><\/li>\n<li><a href=\"https:\/\/www.esecurityplanet.com\/networks\/getting-started-with-burp-suite-pentest-tutorial\/\"><span style=\"font-weight: 400;\">Getting Started with the Burp Suite: A Pentesting Tutorial<\/span><\/a><\/li>\n<\/ul>\n<h3>OSSEC<\/h3>\n<p>OSSEC is open source\u00a0and free. It can be tailored to security needs through its configuration options, adding custom alert rules\u00a0and scripts to take\u00a0action when alerts occur. It offers\u00a0comprehensive\u00a0host-based <a href=\"https:\/\/www.esecurityplanet.com\/products\/intrusion-detection-and-prevention-systems\/\">intrusion\u00a0detection<\/a> across\u00a0multiple platforms,\u00a0including Linux,\u00a0Solaris, AIX, HP-UX,\u00a0BSD, Windows, Mac\u00a0and VMware ESX. Additionally, it helps\u00a0organizations meet\u00a0specific compliance\u00a0requirements such as PCI-DSS. It detects and\u00a0alerts on unauthorized file\u00a0system modification and\u00a0malicious behavior that\u00a0could lead to non-compliance.<\/p>\n<h3>Acunetix<\/h3>\n<p>Acunetix is primarily a web application security scanner, with additional network infrastructure scanning capabilities. It uses the popular open source vulnerability scanning project OpenVAS as its scanning engine. Its multi-threaded scanner can crawl across hundreds of thousands of pages rapidly and it also identifies common web server configuration issues. It is particularly good at scanning WordPress.<\/p>\n<h3>Sonatype<\/h3>\n<p>Sonatype offers one tool that scales open source security monitoring across the <a href=\"https:\/\/www.esecurityplanet.com\/threats\/supply-chain-flaws-found-in-python-package-repository\/\">software supply chain<\/a>. An evolving database of known vulnerabilities is available to help users detect threats and inconsistencies before suffering an attack. Features include: Automatic detection and fixing of open source dependency vulnerabilities; integration of security vulnerability tools into git repositories already in use; and avoiding attacks through scaled secure development practices across dev and ops teams.<\/p>\n<h3>Fiddler<\/h3>\n<p>Fiddler by Telerik is a useful collection of manual tools to deal with web debugging, web session manipulation, and security\/performance testing. However, it is probably most useful for those deploying the paid version on the .NET framework, as that comes with many automation features.<\/p>\n<p>Read more: <a href=\"https:\/\/www.esecurityplanet.com\/products\/fiddler\/\">Fiddler: Pen Testing Product Overview and Analysis<\/a><\/p>\n<h3>OWASP ZAP<\/h3>\n<p>OWASP Zed Attack Proxy (ZAP) is said to be the most widely used web application scanner. It grew out of the <a href=\"https:\/\/www.esecurityplanet.com\/applications\/owasp-list-gets-a-new-top-vulnerability\/\">OWASP\u00a0Foundation<\/a>\u00a0that works to improve the security of software through its community-led open source software projects, worldwide chapters, membership base, and by hosting local and global conferences.<\/p>\n<h3>Nmap<\/h3>\n<p>Nmap is a port scanner that also aids pen testing by flagging the best areas to target in an attack. That is useful for <a href=\"https:\/\/www.esecurityplanet.com\/networks\/apple-white-hat-hack-shows-value-of-pen-testers\/\">ethical hackers<\/a> in determining network weaknesses. As it&#8217;s open source, it\u2019s free. That makes it handy for those familiar with the open source world, but it may be a challenge for someone new to such applications. Although it runs on all major OSes, Linux users will find it more familiar.<\/p>\n<p>Read more:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.esecurityplanet.com\/products\/nmap\/\">Nmap: Pen Testing Product Overview and Analysis<\/a><\/li>\n<li><a href=\"https:\/\/www.esecurityplanet.com\/networks\/nmap-vulnerability-scanning-made-easy\/\"><span style=\"font-weight: 400;\">Nmap Vulnerability Scanning Made Easy: Tutorial<\/span><\/a><\/li>\n<\/ul>\n<h3>Security Onion<\/h3>\n<p>Security Onion\u00a0Solutions creates and maintains Security Onion<strong>,<\/strong>\u00a0a free and open platform for <a href=\"https:\/\/www.esecurityplanet.com\/threats\/threat-hunting\/\">threat hunting<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-network-security-tools\/\">network security<\/a> monitoring, and <a href=\"https:\/\/www.esecurityplanet.com\/products\/siem-tools\/\">log management<\/a>.<strong>\u00a0<\/strong>It includes best-of-breed free and open tools, including Suricata, Zeek, Wazuh, the Elastic Stack, and many others.<\/p>\n<h3>Wireshark<\/h3>\n<p>Wireshark is often used to point out what is happening with the network and assess traffic for vulnerabilities in real time. By reviewing connection-level information as well and the constituents of data packets, it highlights their characteristics, origin, destination, and more. While it flags potential weaknesses, a pen testing tool is still required to exploit them.<\/p>\n<p>Read more: <a href=\"https:\/\/www.esecurityplanet.com\/products\/wireshark\/\">Wireshark: Pen Testing Product Overview and Analysis<\/a><\/p>\n<h3>Aircrack-ng<\/h3>\n<p>Aircrack-ng is the go-to tool for analysis and cracking of wireless networks. All the various tools within it use a command line interface and are set up for scripting. It focuses on different areas of Wi-Fi security, including: Packet capture and export of data to text files for further processing by third-party tools; replay attacks, de-authentication, fake access points, and others via packet injection; Checking Wi-Fi cards and driver capabilities (capture and injection); and WEP and WPA PSK (WPA 1 and 2) cracking.<\/p>\n<p>Read more: <a href=\"https:\/\/www.esecurityplanet.com\/products\/aircrack-ng\/\">Aircrack-ng: Pen Testing Product Overview and Analysis<\/a><\/p>\n<h3>VeraCrypt<\/h3>\n<p>VeraCrypt is free, open source <a href=\"https:\/\/www.esecurityplanet.com\/products\/top-full-disk-software-products\/\">disk encryption software<\/a> for Windows, Mac OSX and Linux. It was created by Idrix and is based on TrueCrypt 7.1a. It creates a\u00a0virtual encrypted disk\u00a0within a file and mounts it as a real disk. It can encrypt an<strong>\u00a0<\/strong>entire partition or storage device\u00a0such as USB flash drive or hard drive, or any partition or drive where Windows is installed. Encryption is\u00a0automatic and is done in real time.<\/p>\n<p>See <a href=\"https:\/\/www.esecurityplanet.com\/applications\/how-to-encrypt-a-flash-drive-using-veracrypt\/\">How to Encrypt a Flash Drive Using VeraCrypt<\/a><\/p>\n<h3>John the Ripper<\/h3>\n<p>John the Ripper is the tool most used to check out password vulnerability. It combines several approaches to password cracking into one package. It supports hundreds of hash and cipher types, including: user passwords of Unix flavors (Linux, *BSD, Solaris, AIX, QNX, etc.), macOS, Windows, &#8220;web apps&#8221; (e.g., WordPress), groupware (e.g., Notes\/Domino), and database servers (SQL, LDAP, etc.); network traffic captures (Windows network authentication, WiFi WPA-PSK, etc.); encrypted <a href=\"https:\/\/www.webopedia.com\/definitions\/private-key\/\" target=\"_blank\" rel=\"noopener\">private keys<\/a> (SSH, GnuPG, cryptocurrency wallets, etc.), filesystems and disks (macOS .dmg files and &#8220;sparse bundles,&#8221; Windows BitLocker, etc.), archives (ZIP, RAR, 7z), and document files (PDF, Microsoft Office, etc.).<\/p>\n<p>Read more: <a href=\"https:\/\/www.esecurityplanet.com\/products\/john-the-ripper\/\">John the Ripper: Penetration Testing Tool Review<\/a><\/p>\n<h3>Nikto<\/h3>\n<p>Nikto is a web server scanner that performs tests against web servers for multiple items, including over 6,400 potentially dangerous files\/CGIs, checks for outdated versions of over 1,200 servers, and version-specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files and HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.<\/p>\n<h3>Snort<\/h3>\n<p>Snort is an open source Intrusion Prevention System (IPS). It uses rules to define malicious network activity and find packets that match against them, generating alerts for users. Snort can also be deployed inline to stop these packets. It is primarily used as a packet sniffer, a packet logger, or as a full-blown network intrusion prevention system.<\/p>\n<h3>Open SSH<\/h3>\n<p>OpenSSH is a connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, it provides a suite of secure tunneling capabilities, several authentication methods, and configuration options.<\/p>\n<h3>Tcpdump<\/h3>\n<p>Tcpdump is a powerful command-line packet analyzer, developed by the same people as <em>libpcap<\/em>, a portable C\/C++ library for network traffic capture. It prints out a description of the contents of packets on a network interface, preceded by a time stamp. It can save packet data to a file for later analysis, and read from a saved packet file rather than reading packets from a network interface. It can also read a list of saved packet files.<\/p>\n\n\n<div id=\"ta-campaign-widget-66d6ee519d748-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6ee519d748\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6ee519d748\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6ee519d748\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6ee519d748\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6ee519d748\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6ee519d748\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Over the past quarter of a century, the open source movement has gone from strength to strength. But that success and the openness inherent in the community have led to a major challenge \u2013 security. The more software that is developed, the greater the likelihood there is for vulnerabilities. To make matters worse, the open [&hellip;]<\/p>\n","protected":false},"author":213,"featured_media":19646,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[14,17],"tags":[15272,30778],"b2b_audience":[34],"b2b_industry":[],"b2b_product":[382,401],"class_list":["post-19644","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-networks","category-products","tag-linux-security","tag-vulnerability-scanning-tools","b2b_audience-evaluation-and-selection","b2b_product-application-security-vulnerability-management","b2b_product-operating-system-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Best Open Source Security Tools | eSecurity Planet<\/title>\n<meta name=\"description\" content=\"Some are commercial and some are open source, but these 20 tools can boost security in open source environments.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Best Open Source Security Tools | eSecurity Planet\" \/>\n<meta property=\"og:description\" content=\"Some are commercial and some are open source, but these 20 tools can boost security in open source environments.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-18T22:46:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-07-08T22:20:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"700\" \/>\n\t<meta property=\"og:image:height\" content=\"548\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Drew Robb\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Drew Robb\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/\"},\"author\":{\"name\":\"Drew Robb\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/df930f1317eb05f959f8016777c920c2\"},\"headline\":\"Best Open Source Security Tools\",\"datePublished\":\"2021-10-18T22:46:50+00:00\",\"dateModified\":\"2022-07-08T22:20:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/\"},\"wordCount\":1676,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg\",\"keywords\":[\"Linux security\",\"vulnerability scanning tools\"],\"articleSection\":[\"Networks\",\"Products\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/\",\"name\":\"Best Open Source Security Tools | eSecurity Planet\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg\",\"datePublished\":\"2021-10-18T22:46:50+00:00\",\"dateModified\":\"2022-07-08T22:20:31+00:00\",\"description\":\"Some are commercial and some are open source, but these 20 tools can boost security in open source environments.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg\",\"width\":700,\"height\":548,\"caption\":\"linux security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Best Open Source Security Tools\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/df930f1317eb05f959f8016777c920c2\",\"name\":\"Drew Robb\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/0.jpg.256x256_q100_crop-smart-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/0.jpg.256x256_q100_crop-smart-150x150.jpg\",\"caption\":\"Drew Robb\"},\"description\":\"Drew Robb has contributed to eSecurity Planet and other TechnologyAdvice websites for more than twenty years. He's covered every aspect of enterprise IT in his career, from the latest trends to in-depth product analysis. He is also the editor-in-chief of an international engineering magazine.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/drew-robb-esp\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Best Open Source Security Tools | eSecurity Planet","description":"Some are commercial and some are open source, but these 20 tools can boost security in open source environments.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/","og_locale":"en_US","og_type":"article","og_title":"Best Open Source Security Tools | eSecurity Planet","og_description":"Some are commercial and some are open source, but these 20 tools can boost security in open source environments.","og_url":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/","og_site_name":"eSecurity Planet","article_published_time":"2021-10-18T22:46:50+00:00","article_modified_time":"2022-07-08T22:20:31+00:00","og_image":[{"width":700,"height":548,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg","type":"image\/jpeg"}],"author":"Drew Robb","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Drew Robb","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/"},"author":{"name":"Drew Robb","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/df930f1317eb05f959f8016777c920c2"},"headline":"Best Open Source Security Tools","datePublished":"2021-10-18T22:46:50+00:00","dateModified":"2022-07-08T22:20:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/"},"wordCount":1676,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg","keywords":["Linux security","vulnerability scanning tools"],"articleSection":["Networks","Products"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/","url":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/","name":"Best Open Source Security Tools | eSecurity Planet","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg","datePublished":"2021-10-18T22:46:50+00:00","dateModified":"2022-07-08T22:20:31+00:00","description":"Some are commercial and some are open source, but these 20 tools can boost security in open source environments.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/10\/linux.security-e1634597367407.jpg","width":700,"height":548,"caption":"linux security"},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/products\/open-source-security-tools\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Best Open Source Security Tools"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/df930f1317eb05f959f8016777c920c2","name":"Drew Robb","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/0.jpg.256x256_q100_crop-smart-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/0.jpg.256x256_q100_crop-smart-150x150.jpg","caption":"Drew Robb"},"description":"Drew Robb has contributed to eSecurity Planet and other TechnologyAdvice websites for more than twenty years. He's covered every aspect of enterprise IT in his career, from the latest trends to in-depth product analysis. He is also the editor-in-chief of an international engineering magazine.","url":"https:\/\/www.esecurityplanet.com\/author\/drew-robb-esp\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/19644"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/213"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=19644"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/19644\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/19646"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=19644"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=19644"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=19644"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=19644"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=19644"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=19644"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}