Opensource Presentation

08/27/22 Copyright 2009 Sarah Cortes 1

OpenSource Tools

Sarah Cortes
www.inmantechnologyIT.com

Sarah’s blog: SecurityWatch
Sarah’s ITtechEx column

twitter: SecuritySpy
LinkedIn: Sarah Cortes

description

History and Definition of OpenSource and a survey of tools

Transcript of Opensource Presentation

Page 1: Opensource Presentation

04/08/23 Copyright 2009 Sarah Cortes 1

OpenSource Tools

Sarah Cortes
www.inmantechnologyIT.com

Sarah’s blog: SecurityWatch
Sarah’s ITtechEx column

twitter: SecuritySpy
LinkedIn: Sarah Cortes

Page 2: Opensource Presentation


OpenSource Tools

Agenda

• InmanTechnologyIT
• Classes of Tools
• Overview
• Definition
• History

Page 3: Opensource Presentation


Sarah Cortes, PMP, CISA

Clients:
• Harvard University
• Biogen
• Fidelity

Professional Associations:
• Sarah is a member of the AIM Advisory Board on Data Privacy Laws to the Massachusetts Legislature

Practice expertise
• Complex Application Development/Implementation
• IT Security/Privacy/Risk Management/Audit Management
• Data Center Operations Management
• Disaster Recovery/High Availability
• Program/Project Management

Background
• SVP in charge of Security, DR, IT Audit, and some Data Center Operations at Putnam Investments
• As head of DR, ran Putnam's failover during 9/11 when parent Marsh McLennan failed over to our facility from the World Trade Center 99th floor data center
• Coordinated over 65 audits per year
• Previously ran major applications development for Trading/Analytics Systems

Page 4: Opensource Presentation


OpenSource Tools
Classes of Tools

• Messaging - Thunderbird
• Business Intelligence - OpenOffice
• Project Management
  • EGroupware
  • OpenBench
  • OpenProj
• Diagramming - Dia
• Operating Systems – Linux
• Security - avg
• Content Management (CMS) – Joomla!
• Browser – Mozilla Firefox
• Reference - Wikipedia

Page 5: Opensource Presentation


OpenSource Tools

Will They…?

Drive you crazy?

Waste your precious resources on a marginal investment that will soon be out of date?

Serve as evidence to be used against you later?

Page 6: Opensource Presentation


OpenSource Tools

Could they help….?

Save you after you have already gotten into trouble?

Attempt, however lamely, to keep you out of trouble

Prove that, however obvious the trouble is, it is not your fault

Page 7: Opensource Presentation


OpenSource Tools

Calling in the Experts

Page 8: Opensource Presentation


OpenSource Tools

Did you know….?

Seven out of ten attacks are from…

Page 9: Opensource Presentation


OpenSource Tools

You may be wondering…

Why would anyone rely on them?

Is free software real?

Will new tools ever stop coming out, just for a little while?

Page 10: Opensource Presentation


OpenSource Tools

Standards Overview

• ISO/IEC 27000 - International Organization for Standardization/International Electrotechnical Commission
• ITIL – Information Technology Infrastructure Library
• NIST - National Institute of Standards and Technology
• PMBOK – Project Management Body of Knowledge
• TOGAF - The Open Group Architecture Framework
• CMMI for Development - Capability Maturity Model Integration
• SEI’s CMM (Capability Maturity Model) for SW
  (US DoD) Software Engineering Institute
• COBIT - Control Objectives for Information & related Technology
  Information Systems Audit and Control Association

Page 11: Opensource Presentation


OpenSource Tools
Definition

“a decentralized form of production in which the underlying programming instructions, or “source code”, for a given piece of software are made freely available. Anyone can look at it, modify it, or improve it, provided they agree to share their modifications under the same terms.…”

-The Economist, June 10, 2004

Page 12: Opensource Presentation


OpenSource Tools
Definition

1. Free Redistribution
2. Source Code - The program must include source code
3. Derived Works - The license must allow modifications
4. Integrity of The Author's Source Code
5. No Discrimination Against Persons or Groups
6. No Discrimination Against Fields of Endeavor
7. Distribution of License
8. License Must Not Be Specific to a Product
9. License Must Not Restrict Other Software
10. License Must Be Technology-Neutral

-Open Source Initiative

Page 13: Opensource Presentation


OpenSource Tools
History

• 1960 - Arpanet
• 1969 - Internet
• 1998 – January - Netscape Navigator
• 1998 – February - Open Source Initiative (OSI)
• 1998 – April - 1998 – Open Source Summit
• 2008 – Proliferation everywhere

Page 14: Opensource Presentation


Sarah Cortes
www.inmantechnologyIT.com

Clients:
• Harvard Law
• Harvard CAIT
• Biogen
• Fidelity
• BeBop Media & Music

Practice expertise
• Complex Application Development/Implementation
• IT Security/Risk Management/Audit Management
• Data Center Operations Management
• Disaster Recovery/High Availability
• Program/Project Management

Background – Sarah Cortes
• SVP in charge of Security, DR, IT Audit, and some Data Center Operations at Putnam Investments
• Previously ran major applications development for Trading/Analytics Systems
• As head of DR, ran Putnam's failover during 9/11 when parent Marsh McLennan failed over to our facility from the World Trade Center 99th floor data center
• Coordinated over 65 audits per year
• Certified Information Systems Auditor (CISA) and PMP-certified (Project Management Program)