In over 12 years as information security professionals we have been surprised not by how much has changed, but by how little.
Sure, today hardware is cheap. Vendors' system administration tools have improved (somewhat), and those who laughed at the idea of using open source software in a business environment eventually figured out that BIND, Sendmail, Apache, and dhcpd had been running their world for years. However, most of us still use simple passwords, patching is still a pain (automated or not), and machine learning is still treated with skepticism (although millions of inboxes benefit from Bayesian spam detection). Most importantly for our clients, new software is still making the same old mistakes.
Single-component software failure is still leading to the compromise of entire machines, or entire virtual machines for you VMware/Xen users. IT staff still spend much of their time building and rebuilding systems, and "try rebooting it" is still the most repeated phrase on the helpdesk. So what is working today?
They say that finding people you can count on is the hardest problem faced by any company. In turn, as individual consultants recommending systems and applications to clients, what can we count on? Which applications have shown up for work every day, perform consistently well, and never go postal? What can we learn from studying these tireless dependable workers? Can we use them to predict the likely performance of other software?
The consultants at Three Sixty Information Security have picked out their most frequently recommended pieces of software and investigated them in more detail: the people behind them, how they came about, and what makes them worth using.
For those of you familiar with the applications, perhaps already deploying them, skip on to the end of the document where we gather the threads together and answer the question:
What makes this software so uncommonly good?