The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.
Dar is a shell command that makes backup of a directory tree and files. Its features include splitting archives over several files, DVD, CD, ZIP, or floppies, compression, full or differential backups, strong encryption, proper saving and restoration of hard links, extended attributes, file forks, Door inodes, and sparse files, remote backup using pipes and external commands (such as ssh), and rearrangement of the "slices" of an existing archive. It can run commands between slices, before and after saving some defined files or directories (for a proper database backup, for example), and quickly retrieve individual files from differential and full backups. Several external GUIs exist as alternatives to its CLI interface, like kdar, DarGUI, SaraB, etc.
UidSEC is an LSM (Linux Security Module) that extends the standard UN*X "resource protection" model by adding some features useful for untrusted multiuser systems. It can deny usage of dmesg to unprivileged users, hide processes of "other users" to unprivileged users, deny access to /sys and /config to unprivileged users, and protect usage of the bind() syscall using UidBIND.
Crypt::IDA is a Perl module that implements Rabin's Information Dispersal Algorithm. This is what's known as a "threshold system": a secret is divided into n shares with the property that any k (the "quorum" or "threshold") of those shares (with k <= n) can be combined at a later time to reconstruct the secret. The algorithm should be cryptographically secure in the sense that if fewer shares than the quorum k are presented, no information about the secret is revealed. The module uses Math::FastGF2 to efficiently implement the algorithm, making it suitable for securely sharing and distributing even large files. The Crypt::IDA::ShareFile module implements a file format for creating, storing, and distributing shares created with Crypt::IDA.
PRADS is a "Passive Real-time Asset Detection System". It passively listens to network traffic and gathers information on hosts and services it sees. This information can be used to map your network, letting you know what services and hosts are alive and used. It can also be used together with your favorite IDS/IPS setup for "event to host/service" correlation. It can help you make sure that your inventory database is up to date. PRADS commes in two versions. One written in Perl, and one written in C. Some features might only be found in one of the versions.