Monday, October 10, 2005

Sourcefire Purchased by Checkpoint

     Last week seemed to be a crazy week for everyone. While I was working on the finishing touched for BIRT Report Server Pt. 2, the security community went on quite a roller coaster ride with Tenable Security closing the source code for future versions of Nessus, and Sourcefire being acquired by Checkpoint.

     The Tenable news did not come as a surprise. If you recall a few months ago, Tenable did a similar tactic (,289142,sid14_gci1034903,00.html). While I do think it is unfortunate that there are moochers out there who take and give nothing back and make money off of someone elses work, that is one of the possibilities of the GPL license. Of course, you don’t release software under GPL to make money off of it. And your competitors are free to take your hard work and make money with it. While it is good news to hear that they are keeping the 3.0 and greater versions free, with Tenables trend over the past year I do have a feeling it won’t be long before even that ceases.

     With the Sourcefire news, I really do not see what the big fuss is about. Sourcefire was a company purchased by another company. This happens. There are some concerns over the future of Snort. However, both Checkpoint and Sourcefire have stated that they do not plan on changing anything.

Although Tenables path seems clear, I honestly think we should wait and see about the future of Snort. Consider the possible benefits here. You now have the merging of two companies, so you have the sum of both their assets. If Checkpoint is as good as their word, then Snort looks like it might have a promising future. I’ve read some people use Tenable actions as proof of Checkpoints motives. All I have to say is give me a break. Tenable != Checkpoint and Tenable != Sourcefire.

The trouble here is that Checkpoint is a publicly traded company, and Checkpoints shareholders may not necessarily be in the know. Most publicly traded companies will abandon being socially responsible and trample the stakeholders to appease the shareholders. I do think this is unlikely. Checkpoint would be shooting themselves in the foot if they did this. What would happen is they would change the license on Snort, then wait for someone to pay. And that would be about it. Besides, Checkpoint purchased Sourcefire for their product lineup, customers, and personnel. Snort just happens to be one of those tools they support. Snort may not see as much development effort, but I doubt it will be closed anytime in the near future. But if it does, I do for see a fork in its future. Only time will tell.


Joel Esler said...

Snort is going to remain free. There are absolutely no intentions whatsoever by any member of Sourcefire/Checkpoint to Close Snort at any point.

John Ward said...


Although I try not to deal with absolutes (Kenpo philosophy, not Jedi :) ), I agree that Snort is not going closed source. I feel that the fuss about this is typical rhetoric by distrusting enthusiasts. Checkpoint has nothing to gain but bad press by closing the source. Pretty much everyone from both sides have confirmed that Snorts not going anywhere.