
    Bromium Makes Open Source Security Research Tool Available


    The open source community generally hasn’t produced many security analysis tools. For the most part, the tools required to do malware research are available only under a commercial license from security vendors that sell security software and hardware.

    Looking to increase the number of open source developers actively doing security research, Bromium unveiled Packer Attack at DerbyCon 2015 late last week. The open source tool enables security researchers to see what’s happening inside encrypted and encoded malware.

    Vadim Kotov, senior security researcher at Bromium, says the company started work on Packer Attack in earnest shortly after the Heartbleed bug compromised open source security on a broad scale. After that, it was apparent that not only were there not enough developers researching open source security, but researchers also didn’t have ready access to the tools needed to study advanced forms of malware.

    While it remains to be seen how many developers will actually take up open source security research, it’s apparent that security vendors perceive that the tools they use to research malware have commercial value. At the other end of the spectrum, however, Kotov says it’s easy to see how the academic community might contribute more aggressively to open source security research if there were free tools available.

    Regardless of how it is accomplished, there is clearly a need for more work to be done in the area of open source security research, especially when more malware than ever is being delivered via encrypted payloads. Arguably, it’s counterproductive to ask researchers to pay to use tools that they have no real commercial interest in profiting from, especially as such research benefits the IT community as a whole.

    How the rest of the IT security vendor community responds to having open source security research tools more broadly available remains to be seen. But at this juncture it would appear that Bromium is stepping up to force the issue.

    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
