Open source security tools abound, so take advantage of them and avoid paying for commercial products if open source fits your needs. That was the message from Matthew Luallen, president of consulting firm Sph3r3, who spoke at yesterday’s InfoSec Conference.