Security News > 2021 > April > How the open source community helped firms investigate their network activity following SolarWinds
The open source community delivered vital help to companies affected by the SolarWinds attack.
One underappreciated facet of the wide-ranging scandal that has engulfed much of the U.S. government and hundreds of major companies involves the powerful role the open source community played in helping enterprises respond to the crisis, according to Greg Bell, co-founder and CSO of cybersecurity company Corelight.
Bell said the crisis revealed to many cybersecurity firms that the community is stronger together using open source interfaces and standards to improve everyone's defensive capabilities.
"Almost instantly after the blog post went out, the indicators went out and companies consumed that data and it led to kind of this global rush to see what we could do quickly. Some companies were mature enough that they could take those indicators directly. But many organizations aren't that sophisticated so they needed some other company, a vendor, to take those indicators and deliver them on products. That ecosystem of open standards, open data and a platform like GitHub for open sharing, had a big impact," Bell said.
"Open source software development practices have been and will be a great help, but there has been no better time for the commercial and open source software development camps to join forces and get fix done."
"In the case of SolarWinds, there's many ways open source intelligence has helped organizations. It helped identify the compromise or exposure of an enterprise's own network and helped understand their exposure as it relates to the broader ecosystem of vendors and partners that they depend on," White said.