Sourcefire Vulnerability Research Team™ (VRT)
The Sourcefire Vulnerability Research Team™ (VRT) is a group of leading edge network security experts working around the clock to proactively discover, assess and respond to the latest trends in hacking activities, intrusion attempts and vulnerabilities. Some of the most renowned security professionals in the industry, including the authors of several standard security reference books, are members of the Sourcefire® VRT. This team is also supported by the vast resources of the open source Snort® community, making it the largest group dedicated to vulnerability research and advances in the network security industry.
The Sourcefire VRT is dedicated to protecting Sourcefire customers and Snort users by verifiably defending against:
- All possible attacks against vulnerabilities
- Before specific exploits proliferate in the wild, while
- Minimizing false positives and eliminating false negatives.
- Rather than traditional exploit-based signatures, which provide little protection against unknown or zero-day threats, the Sourcefire VRT develops vulnerability-based rules for protection against emerging exploits before they are in the wild.
Below is a sampling of the threat detection provided by all Sourcefire IPS solutions:
- DoS attacks
- Invalid headers
- Statistical anomalies
- Protocol anomalies
- Application anomalies
- Malformed traffic
- TCP segmentation and IP fragmentation
Validated by a proven track record, the Sourcefire VRT has protected customers in advance of every significant outbreak of malware, including Conficker, Netsky, Nachi, Blaster, Sasser, Zotob and many more, without the need for further updates to detect new variants.
The Sourcefire Vulnerability Research Team:
- Leads the IDS/IPS industry in delivering rules that provide same day protection for critical Microsoft Tuesday vulnerabilities.
- Develops the official Snort rules used by the Sourcefire 3D® System.
- Maintains a community rule set that contains rules submitted by members of the open source community and tested by the VRT to ensure they work using the latest version of Snort.