In an exclusive interview with eSecurity Planet, Roesch explains the role that open source security still plays in his firm, 15 years after it helped him start it all.
Roesch noted that the open source Snort project is still primarily controlled by him and Sourcefire, and that’s not necessarily a bad thing.
“In the early days of Snort we had lots of contributions,” Roesch said. “As we’ve matured over time, we’ve come to realize that there are things that should belong in Snort and things that should not.”
As such, over time the Snort project has focused on core functionality and external programs that extend non-core capabilities. That said, Roesch noted that the Snort open source development mailing list activity has been creeping up in recent years.
Snort can stand on its own without Sourcefire, in the sense that it is a functional IPS system that anyone can use. Roesch noted that keeping IPS up-to-date is critical, which is the role that Sourcefire plays.
“If an asteroid fell on top of Sourcefire headquarters and we all ceased to be, somebody else would have to take the ball and run with it,” Roesch said. “It will go stale if you don’t maintain it.”
Watch the video interview with Martin Roesch, founder of Snort below: