I was looking for an open source alternative for a tool this morning and it led to a conversation with a fellow practitioner. Bottom line: the state of open source security tooling seems to be really bad now vs. when we entered the industry 10-20 years ago. It seems more and more tools are built for making a quick buck vs. building a personal brand and seeking the common good of making the internet a safer place. This is not ubiquitous, but it certainly seems to be the trend. When I first got into security, people were all about sharing, networking, and community. This led to wonderful careers where we enjoyed not only financial success, but even more so, relationships and the joy of leaving things better than we found them. I still give the vast majority of the code I write away, but it is becoming increasingly harder to find useful open source tooling. This conversation reminded me of a keynote I gave on a similar topic a few years back. It seems to apply as much today as it did then. https://lnkd.in/eTVBCka9
Sucking @Capitalism - BSides Greenville 2020 Keynote
https://www.youtube.com/
Chris Sullo
6mo
Money. It's all about the money. There wasn't much 20 years ago :)
Jesse Cooper
6mo
Need more SaaS!!!
Makiya Richard
6mo
I still remember the first time using recon-ng, we connected on this platform because of it when doing my undergrad, inspired my capstone project 😊
ZAP by Checkmarx Project Lead
6moIts hard to work out a business model for "pure" open source tools. Trust me, I'm trying, but its really hard...