There are many factors in choosing software to run a web site. Security is a major factor due to direct exposure on the internet. It might be an even bigger factor for companies whose business is security, as a security breach would be quite embarrassing for the company and disconcerting to customers. So what software is used by those who specialize in security?
This list is far from exhaustive, but includes many of the most popular sources for security information and software. All sites were checked on or around Nov. 1, 2004 by Netcraft (who runs their site with Apache on FreeBSD).
| Company/Org/Site | Address | OS | Server |
|---|---|---|---|
| Attrition.org | www.attrition.org | Linux | Apache |
| CERT | www.cert.org | Linux | Apache |
| Internet Security Systems | www.iss.net | Solaris (UNIX) | Apache |
| NetIQ * | www.netiq.com | Windows 2000 | IIS |
| National Institute of Standards and Technology | csrc.ncsl.nist.gov | AIX (UNIX) | Netscape-Enterprise |
| Risks Digest | catless.ncl.ac.uk/Risks | Linux | Apache |
| SANS | www.sans.org | Linux | Apache |
| Secunia | secunia.com | Linux | Apache |
| SecurityDocs | www.securitydocs.com | Linux | Apache |
| SecurityFocus | www.securityfocus.com | Linux | Apache |
| St. Bernard Software | www.stbernard.com | Windows 2000 | IIS |
| Symantec | www.symantec.com | Solaris (UNIX) | Netscape-Enterprise |
| Zone Labs * | www.zonelabs.com | Solaris (UNIX) | Apache |
| * = Company focuses on only Microsoft-related products | |||
The majority of popular security sites use Apache with Linux or UNIX. If security professionals and experts don't trust Microsoft software to run their web sites why should anyone else?