"By releasing SIMP, the agency seeks to reduce duplication of effort and promote greater collaboration within the community: The wheel would not have to be reinvented for every organization," says the NSA.
Dubbed Systems Integrity Management Platform (SIMP), the tool is now publicly available on the popular source code sharing website GitHub.
According to an official release from NSA, SIMP makes it easier for government organizations and the private sector to "fortify their networks against cyber threats."
SIMP aims at providing a reasonable combination of security compliance and operational flexibility, keeping networked systems compliant with security standards and requirements. It is considered to be a critical part of a layered, "defence-in-depth" approach to information security.
Currently, SIMP supports operating systems including Red Hat Enterprise Linux (RHEL) Versions 6.6 and 7.1 as well as Community Enterprise Operating System (CentOS) Versions 6.6 and 7.1-1503-01.
The question here is not how much security NSA's tool offers, but the question is -- Shall we trust NSA tool?
Until now, the entire world is aware of the NSA's Global surveillance practices. The internal data exposed by former contractor Edward Snowden shown the extent of surveillance and bulk data collection by NSA, which range from US citizens to leaders of allied governments.
Several US government officials, including the NSA Director Mike Rogers, outgoing US Attorney General Eric Holder, and the FBI director James Comey, have all suggested that major tech companies such as Apple and Google should provide law enforcement agencies special access to their users' encrypted data, demanding secret backdoors.
Knowing this, one must think twice before adopting NSA's latest SIMP tool. However, the security of a Linux is a massive subject and tools are used to provide additional security on a Linux computer. So, it is always important to choose a right tool.
After all, Your system's greatest security lies in only your hand.