Can You Build a Security Program on Open Source?

All links and images for this episode can be found on CISO Series. What would it take to build your entire security program on open source software, tools, and intelligence? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. We welcome guest DJ Schleen (@djschleen), distinguished security architect, Yahoo Paranoids. Thanks to our podcast sponsor, SPMB

SPMB connects top executive talent to the world’s best and fastest growing innovators across the country. A key area we bring extensive knowledge and expertise to is our dedicated Security Practice, leading both functional searches (CISO and VP’s defining security strategy) and building out executive teams at top security software companies. In this episode: • What would it take to build your entire security program on open source software, tools, and intelligence? • Is it possible/feasible/practical to run a security program entirely based upon free and open source software, open source tools, and open source intelligence? • Is it true that the more open source you use the more people you need? • Do commercial software systems, tools, and intelligence have value above what can be found in open source?