With the recent acquisitions and licensing decisions at Sourcefire/Checkpoint and Tenable respectively, the open source security landscape is thinner than before. This article concludes that:
The moral is that heavy reliance on open source carries risk, and that the greatest insurance policy for open-source technology is participation by a large number of users and developers. If you're thinking of using open source, keep a close eye on what happens to both Snort and Nessus.
Why these scenarios suggest that Open Source carries more risk is hard for me to understand. Closed source solutions are acquired (and retired) all the time. What is the future for Netegrity's products now that they are owned by CA, for example? The market and adoption are constant factors for both open source and closed source solutions. Company product managers may decide that a certain tool is not hitting its revenue targets and place less emphasis on its development and/or retire it altogether. When this happens in Open Source, you are still left with the code; when this happens in a closed source product, you are typically left with the marketing brochures.
Anyhow, now that Snort and Nessus are no longer on the Open Source landscape, is there an opportunity for another Open Source security-focused tool to step in?