Welcome to RSAC’s Community Open Source Tools information page. As part of our effort to provide as much value to the community as possible, we’ve created this guide to help you more easily find the open source resources and tools presented during Conference so that you can quickly access what you need to get up and running. 

This page provides project-specific information for the different tools. Listed in alphabetical order, we’ve highlighted the following for each project:

  • Description – a brief textual description of the project
  • Project page – a link to the main project page URL
  • User documentation – a link to the primary usage documentation for the project
  • Community discussion – a link to the forum, mailing list, or community discussion page
  • Upcoming sessions – a link to the RSAC session in which the project is to be discussed
Description Anchore Engine allows developers to perform detailed analysis on container images, generating a software bill of materials. Through seamless integration with CI/CD systems, Anchore Engine can prevent publication of images containing known vulnerabilities.
Project Page https://anchore.com/
User Documentation https://docs.anchore.com/current/docs/engine/engine_installation/
Community Discussion Slack Channel
Upcoming Sessions
Description Enarx aims to make it simple to deploy workloads to a variety of different TEEs in the cloud, on your premises or elsewhere, and to allow you to have confidence that your application workload is as secure as possible.
Project Page https://enarx.io/
User Documentation https://github.com/enarx/enarx/wiki
Community Discussion Gitter Link
Upcoming Sessions
Description Lucet is a native WebAssembly compiler and runtime. It is designed to safely execute untrusted WebAssembly programs inside your application.
Project Page https://github.com/bytecodealliance/lucet
User Documentation https://bytecodealliance.github.io/lucet/
Community Discussion TBD
Upcoming Sessions
Lyft Cartography
Description Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
Project Page https://github.com/lyft/cartography
User Documentation https://github.com/lyft/cartography#reference
Community Discussion TBD
Upcoming Sessions
Microsoft Attack Surface Analyzer 
Description Attack Surface Analyzer takes a snapshot of your system state before and after the installation of other software product(s) and displays changes to a number of key elements of the system attack surface. It also allows developers to view changes in the attack surface resulting from the introduction of their code to assess the aggregate attack surface of an organization's line of business applications or on potential customer systems.
Project Page  https://github.com/microsoft/attacksurfaceanalyzer
User Documentation  https://www.microsoft.com/en-us/download/details.aspx?id=58105
Community Discussion  TBD
Upcoming Sessions
Microsoft MYSTICPY

Microsoft Threat Intelligence Python Security Tools.  The msticpy package was initially developed to support Jupyter Notebook authoring for Azure Sentinel. Many of the included tools can be used in other security scenarios for threat hunting and threat investigation. There are three main sub-packages:

  • sectools - Python security tools to help with data enrichment, analysis or investigation.
  • nbtools - Jupyter-specific UI tools such as widgets, plotting and other data display.
  • data - data layer and pre-defined queries for Azure Sentinel, MDATP and other data sources.
Project Page  https://github.com/microsoft/msticpy
User Documentation  https://msticpy.readthedocs.io/en/latest/
Community Discussion  TBD
Upcoming Sessions
Description  NPK is a distributed hash-cracking platform built entirely of serverless components in AWS including Cognito, DynamoDB, and S3. It was designed for easy deployment and the intuitive UI brings high-power hash-cracking to everyone.
Project Page  https://github.com/Coalfire-Research/npk
User Documentation  https://github.com/Coalfire-Research/npk
Community Discussion  TBD
Upcoming Sessions
Description  OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
Project Page  https://www.openssl.org/
User Documentation  https://www.openssl.org/docs/
Community Discussion  https://www.openssl.org/community/
Upcoming Sessions
Security Onion
Description Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
Project Page  https://securityonion.net/
User Documentation  https://securityonion.readthedocs.io/en/latest/
Community Discussion  https://securityonion.readthedocs.io/en/latest/mailing-lists.html
Upcoming Sessions
Description A scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly.
Project Page  https://thehive-project.org/
User Documentation  https://github.com/TheHive-Project/TheHiveDocs
Community Discussion  https://groups.google.com/a/thehive-project.org/forum/#!forum/users
Upcoming Sessions