Serving from the bottom up

Why Prelude Operator is investing in open-source security

When launching a new business, most decisions are centered around the product. Sales and pathways to revenue pave the road(map). Giving the product away for free and breaking down how it’s assembled seems counterintuitive. Maybe even destructive. So why, as a brand-new player in the cybersecurity industry, are we investing in this approach?

Open-source software (OSS) fuels the industry. It’s as simple as that.

At Prelude, we have a small team of hackers who have watched the industry get overtaken by companies with black-box solutions; technology that promises to secure your assets. Only you’re not allowed to look. This has bred distrust - and worse, a false-sense of security. Never mind that it completely bucks the community that enables & powers the cybersecurity space.

How have we allowed this to happen?

The answer - from the top down. Products are integrated into small and large businesses alike in one of two ways, either a top-down or bottom-up approach.

In the top-down approach, a C-level executive is sold on a security solution. Maybe they’re security-savvy enough to pick good from bad. More often than not, they’re unable to tell the difference, and they overbuy. Executives often do this as an insurance policy. When they inevitably get hacked, they can point to the many defensive solutions on the shelf and shift blame. 

I once spent a year interfacing with CISOs at major organizations. I was stunned to realize that most purchase, on average, two dozen - often overlapping - security tools each year. Two dozen. 

So, in this top-down approach the executive is the buyer. Therefore, those doing the selling build their products for executives. The boots-on-the-ground red-and-blue operators are handed an already purchased product and must adapt and use it, whether it is the right tool for the job, or what the tech team would have chosen, given the chance.

At Prelude, we decided to take the bottom-up approach.

This enables us to build the best security solution we can, making it primarily free and open, with the goal of getting it in the hands of operators everywhere. We consciously decided not to build our platform to be evaluated in the typical top-down way. We also agreed to build many open-source components, to encourage collaboration and foster community. We want to build trust, not a black-box. We also believe that organic, authentic development will lead to a better product and a strong group of evangelists. 

Our gamble is that by offering an open security product that is best of breed, we can provide value to organizations from the bottom-up. Here at Prelude, we’re building the tools that we want to use. The tools that we plan to take into the field with us. If it’s something that makes red-or-blue teaming simpler and easier to grok, we’re going to build it in. We’re boots-on-the-ground ourselves, so building anything else just doesn’t work for us.

So if you head to our GitHub, you’ll find a few repositories that are open-source and all pluggable into the Operator platform. These include an agent, a community repository of TTPs and a brand-new plugin space for extending Operator any way you want.