Open security

Open security is an initiative to approach application security challenges using open source philosophies and methodologies. Traditional application security is based on the premise that any application or service (whether it is malware or desirable) relies on security through obscurity.[1]

On the developer side, legitimate software and service providers can have independent verification and testing of their source code.[2] On the information technology side, companies can aggregate common threats, patterns, and security solutions to a variety of security issues.[3][4]

See also

References

  1. ^ Raymond, Eric S (2004-05-17). "If Cisco ignored Kerckhoffs's Law, users will pay the price". LWN.net. http://lwn.net/Articles/85958/. Retrieved 2011-06-21. 
  2. ^ "Open Security Foundation". Open Security Foundation. http://www.opensecurityfoundation.org/. Retrieved 2011-06-21. 
  3. ^ "Open Web Application Security Project". https://www.owasp.org/index.php/Main_Page. Retrieved 2011-06-21. 
  4. ^ "Why have OSA?". OSA. http://www.opensecurityarchitecture.org/cms/en/about/why-have-osa. Retrieved 2011-06-21.