Organization:Sourcefire Vulnerability Research Team
The Sourcefire Vulnerability Research Team (VRT) was a group of network security engineers that discovered and assessed trends in hacking activities, intrusion attempts, and vulnerabilities.[1] Members of the Sourcefire VRT included the ClamAV team as well as authors of several standard security reference books[2][3][4] and articles. The Sourcefire VRT was also supported by the resources of the open source Snort[5] and ClamAV[6] communities.
The group focused on developing vulnerability-based rules to protect Sourcefire customers and Snort users against emerging exploits. The VRT provided zero-day protection for outbreaks of malware, including Conficker,[7] Netsky, Nachi,[8][10] Blaster, Sasser, and Zotob,[9] among others. The VRT also delivered rules that provided same-day protection for Microsoft Tuesday vulnerabilities, developed the official Snort rules used by the Sourcefire 3D System, developed and maintained the official rule set of Snort.org, and maintained shared object rules that were distributed for various platforms in binary format.[11][12]
Following the Cisco acquisition[13] of Sourcefire, in 2014 the VRT combined with Cisco's TRAC and SecApps (Security Applications) group to form Cisco Talos.[14]
See also
- Intrusion Detection System (IDS)
- Denial-of-Service
- Host-based Intrusion Detection
- Network intrusion detection system
- Real-time adaptive security
- Bypass Switch
References
1. "Inside Sourcefire's Vulnerability Research Team". 2010-05-12. http://www.csoonline.com/article/593237/inside-sourcefire-s-vulnerability-research-team. Retrieved 2010-07-06.
2. "Snort 2.1 Intrusion Detection, Second Edition". 2004-04-30. https://www.amazon.com/exec/obidos/tg/detail/-/1931836043/. Retrieved 2009-12-11.
3. "Snort2.0 Intrusion Detection (Paperback)". 2003. https://www.amazon.com/exec/obidos/tg/stores/detail/-/books/1931836744/. Retrieved 2009-12-11.
4. "Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century". 2009-07-03. https://www.amazon.com/Practical-Intrusion-Analysis-Prevention-TwentyFirst/dp/0321591801/ref=sr_1_1?ie=UTF8&s=books&qid=1258995168&sr=1-1. Retrieved 2009-12-11.
5. "Sourcefire VRT". http://www.snort.org/vrt. Retrieved 2010-07-06.
6. "FAQ – Malware Statistics". http://www.clamav.net/lang/en/support/faq/faq-cctts/. Retrieved 2010-07-06.
7. "Dark Reading Article". 2009-01-30. http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=213000041. Retrieved 2009-12-11.
8. "The Free Library Article". 2007. http://www.thefreelibrary.com/Sourcefire(R)+Protects+Users+from+Exploits+Against+Microsoft+Tuesday...-a0169667038. Retrieved 2009-12-11.
9. "Dark Reading Article". 2009-01-30. http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=213000041. Retrieved 2009-12-11.
10. "Encyclopedia.com Article". 2005-08-17. http://www.encyclopedia.com/doc/1G1-135220661.html. Retrieved 2009-12-11.
11. "Microsoft Security Response Center Partners". http://www.microsoft.com/security/msrc/collaboration/mapppartners.aspx. Retrieved 2010-07-06.
12. "Inside Sourcefire's Vulnerability Research Team". 2010-05-12. http://www.csoonline.com/article/593237/inside-sourcefire-s-vulnerability-research-team. Retrieved 2010-07-06.
13. "Cisco Completes Acquisition of Sourcefire". 2013-10-07. http://www.cisco.com/web/about/ac49/ac0/ac1/ac259/sourcefire.html. Retrieved 2014-06-18.
14. "Cisco Talos". 2018-01-19. https://talosintelligence.com.