Insight by Elastic

Open Source Powers Innovation, Transformation Across Government

This content is provided by Elastic

George Young, Area Vice President – Federal, Elastic

For government users, open source is no longer a bleeding-edge technology. Open source tools are powering innovation and transformation across government agencies because they offer affordable, secure, and innovative alternatives to traditional solutions.

An open source approach allows developers to download code, start building prototypes, and deploy solutions that meet their agency’s mission needs within days or weeks instead of months. It’s a far cry from the traditional government technology procurement cycle, which often takes years from procurement to installation. Moreover, after years in development, that solution still may not fully deliver on what was promised. Open source solutions don’t just shorten the procurement and development cycle; they also give developers and system users more confidence that the solutions will actually work, because it’s faster and less expensive to build working proofs of concept (POCs).

Another reason open source is poised to take the prime time slot in government agencies is that open source no longer means less secure. In fact, in many cases open source software is even more secure than, and just as stable as, custom-built proprietary software. With more eyes on the code, a rich community of developers can view and suggest changes to correct errors and omissions. This means that the community can play a vital role in fixing, updating, and upgrading open source software more quickly than proprietary vendors can. It’s part of the reason that government is embracing bug bounty programs: the more eyes you have on the code, the greater the chance of finding and addressing vulnerabilities.

Elastic, the company behind Elasticsearch, has built a community of more than 100,000 developers around its collection of open source big data search, logging, and analysis products. All of the code in Elastic’s commercial products is open, including the parts that are licensed under a subscription. Government agencies can scan the code to ensure it meets their security requirements. In addition, people around the world can scan Elastic’s code for vulnerabilities and report them on GitHub. Elastic engineers closely review, evaluate, and test anything the open source community suggests before it is built into the software, to ensure that no malicious backdoors have been placed in the code.

Open Source Government Use Cases

The accessibility and inherently open nature of open source tools empowers forward-thinking leaders to quickly build and create. Leaders in the defense community have embraced the concept that a community of developers can address evolving threats faster than waiting for a software vendor to come up with something. For example, an open source project called Response Operations Collections Kit Network Security Monitoring (RockNSM) uses a network analysis tool developed by the Department of Energy’s Berkeley Laboratory and the Elastic suite of search, analytic, data capture, and visualization tools to help defense and civilian agencies thwart network intruders and attacks.

Developed by The Missouri National Guard Cyber Team, RockNSM is a collections platform that provides robust, scalable sensors for both enduring security monitoring and incident response missions.

Here are some of the open source projects RockNSM uses under the covers:

  • Elasticsearch, a highly scalable open source full-text search and analytics engine, is used for reliable data storage and indexing to support rapid retrieval and analysis of the data. Elasticsearch allows users to ingest, store, and query massive amounts of data (such as all security-relevant data in a security operations center) quickly and in near real time. It is generally used as the underlying engine that powers applications with complex search features and requirements.
  • Kibana lets analysts visualize the data inside Elasticsearch in real time. It provides rich visualizations at petabyte scale as the data comes in.
  • Logstash is an extract, transform, and load tool that pulls data from a variety of sources such as legacy databases, NoSQL databases, IoT devices, and other machines. It takes information in its current format and converts it into a much more usable format using the JavaScript Object Notation (JSON) standard.

The Missouri National Guard has built an open source community around RockNSM. As a result, it has also become a platform for writing and sharing code with other users to help enhance features. The platform is widely used in the Defense Department and civilian agencies, and even banks and major retail organizations are using it. It is a great example of the use of open source because it can be deployed at almost no cost; organizations just need hardware for RockNSM to run on. It solves a problem that could not have been solved easily with commercial security tools, and it gives users of the platform a lot more agility. The National Guard did not have a large budget. Instead, they addressed their network security problem using open source, and later added more of Elastic’s commercial features as budget became available.

The United States Geological Survey (USGS) is another agency sparking innovation with open source. USGS researchers wanted to understand the impact of earthquakes in places where the agency did not have seismographs. Officials there found that Twitter was a great source of earthquake data, because each tweet carries geographic information and time information along with the text people send out. They decided to put those Twitter feeds into Elasticsearch to better understand where earthquakes are occurring, and to gauge the severity of the quakes by analyzing the language of the tweets.

Just like the Missouri National Guard, USGS scientists had a tight budget. However, they were able to implement an open source solution that lets them understand earthquake information in places where it is too expensive or too difficult to place seismographs.

Open source solutions such as Elasticsearch are widely deployed in production systems that are running tens of petabytes of data for mission-critical applications across government. Agency technology managers looking to embark on this journey should identify small DevOps projects where they can prove that open source can help solve hard problems quickly and in a secure manner. They can also work with vendors like Elastic to find other users in the community who can share lessons learned and best practices from similar projects. The collaborative nature of open source ensures that all stakeholders are part of the process and can contribute to the success of the project.

About Elastic

Elastic is a search company. As the creators of the Elastic Stack (Elasticsearch, Kibana, Beats, and Logstash), Elastic builds self-managed and SaaS offerings that make data usable in real time and at scale for search, logging, security, and analytics use cases. Since its founding in 2012, there have been more than 350 million cumulative downloads of Elastic software. Elastic is a distributed company with more than 1,000 Elasticians in 30 countries. Learn more at elastic.co.