Open Source Solutions for Security Engineering
Hands-on training in open source security tools — from vulnerability scanning to SIEM — for teams that need strong defenses on a lean budget.
About This Course
About This Course
Organisations often face budget constraints and resource limitations when implementing robust cybersecurity measures. This course provides a solution by introducing participants to a range of powerful, cost-effective open source tools and strategies that can be integrated into their security engineering processes. Participants gain the knowledge and skills required to harness the potential of open source solutions, enabling them to create a secure digital environment while optimising resources and reducing costs.
What You Will Learn
- Evaluate open source security tools for maturity, community support, and enterprise readiness
- Deploy vulnerability scanning and static analysis tools (OWASP ZAP, Trivy, Semgrep)
- Set up network monitoring and SIEM capabilities using Suricata, Wazuh, and the ELK stack
- Integrate open source security tools into CI/CD pipelines
- Build a unified security toolchain from open source components
Prerequisites
- Working knowledge of Linux command line and networking
- Familiarity with CI/CD concepts and containerisation
- Basic understanding of cybersecurity principles
Agenda
-
Open Source Security Landscape · 45 min
Overview of the open source security ecosystem. Evaluating tools for maturity, community support, and enterprise readiness. -
Vulnerability Scanning and SAST · 60 min
Hands-on with OWASP ZAP, Trivy, and Semgrep. Integrating static analysis and dependency scanning into CI/CD pipelines. -
Network Security and Monitoring · 60 min
Deploying Suricata, Wazuh, and the ELK stack for intrusion detection, log management, and SIEM capabilities. -
Integration and Automation · 45 min
Building a unified security toolchain from open source components. Automation strategies and cost-benefit analysis. Q&A session.