Open Source Issues and Opportunities for Tripwire

Jan 21, 2000

Download: MP4 Video Size: 214.1MB  
Watch on YouTube

Abstract

Tripwire has a long history of openly available source, having been created at Purdue University in 1992 as a publicly available security tool. It has been created into an industrial strength tool, and has been successful in protecting critical enterprise processes in business and government.


One of the decisions we made was to use a conventional shrink-wrapped software model -- in other words, source code was no longer readily available to the public. Without question, this has been a smooth and successful transition. Tripwire v2.0 provided a variety of additional compelling features so that customers have embraced the new product.


However, there were some things that happened along the way that didn't quite go as planned. And some things were just were downright surprising.


This presentation will address some of the consequences of having a closed source product, and describe some issues in considerable detail. Then, possible "open source" opportunities will be presented, with all sorts of benefits discussed, evaluated, and some discarded. Some perceived dangers are mulled over, and also evaluated. Audience participation will be encouraged.