Perhaps the most disturbing element of the Adobe breach was that the hackers went not for valuable personal data, but for the most secretive possession of all: its source code. A lot of companies view source code as one of their strongest security defenses, but now that hackers are targeting it, there’s no better time to move from a defensive strategy to an offensive attack.
Our VP of Technology and Standards, Allan Foster, recently wrote an article for Citizen Tekk about how the best defense is a strong open source offense. Although it seems counterintuitive, the key is that there are no secrets in open source. And if there are no secrets, well, what is a hacker going to steal?
Open source offers the benefit of transparency – a complete picture of the entire software suite and how it is integrated into the product, making it possible for the entire community to quickly offer improvements and fixes that protect the software from attack.
And open source code has a quick lifecycle and fewer interdependencies. If there ever is an issue, the transparent nature of open source makes it quicker and easier to identify the security gap and apply a fix. A breach that may have been a catastrophe is merely an inconvenience.
So how’s your defensive line looking? Because if you’re not leveraging open source, it’s open season.
Check out Allan’s article on Citizen Tekk and let us know what you think! http://citizentekk.com/2013/12/04/open-source-for-security/