INSECURITY CONFERENCE 2017 - Washington, DC - Defending the enterprise is increasingly getting complex, with cloud, mobile, and IoT services expanding the potential attack surface and yet IT security budgets may remain constrained to address new threats, Arun DeSouza, CISO and privacy officer with Nexteer Automotive, said in a presentation here today.
But a number of free, or low-cost, tools exist to help security teams deliver a strong defense and remain within their budget, according to DeSouza, who offered tips on this topic. "We are in the fourth industrial revolution and there is great opportunity, but also more risk," DeSouza said.
Here are five free, or low-cost, security tools to extend a security budget:
- Bloodhound, a new open source pen test tool for Microsoft's Active Directory environment. "This is a cool tool that identifies attack paths, so you can see how to shut them down," DeSouza said.
- Nikto, an open source Web server scanner. "It's a powerful tool that can scan over 6,500 known vulnerabilities," DeSouza said.
- Reputation Monitor, a free service from AlienVault that conducts threat analysis. "If your public IPs and domains are compromised, it will alert you," DeSouza said.
- Ghostery, a free browser extension for private web browsing. "It's another way to sanitize data," DeSouza noted.
- Google Authenticator, a two-step verification code generator. "Companies that don't have an identity management framework in place can get a higher level of protection with this," DeSouza said.