Sourcefire Vulnerability Research Team (VRT)
Sourcefire VRT Certified Rules
Sourcefire VRT Certified Rules are the official rules of snort.org. Each rule has been rigorously tested against the same standards the VRT uses for Sourcefire customers. These rules are distributed under the new VRT Certified Rules License Agreement that restricts commercial redistribution. There are three ways to obtain these rules:
- Subscribers receive real-time rules updates as they are available – get more subscription highlights here
- Registered users can access rule updates 5 days after release to subscription users.
- Unregistered users receive a static ruleset at the time of each major Snort Release
| Latest Sourcefire VRT Certified Rule Updates |
|
| Featured VRT Tool |
|
OfficeCat
This tool processes Microsoft Office files to determine the possible presence of exploit conditions in the file. More information can be found here.
|
|
| The Latest Rants and Raves |
|
|
| VRT Whitepaper |
|
The Sourcefire Vulnerability Research Team (VRT) White Paper covers the capabilities and processes followed by the Sourcefire VRT in writing rules. Get it here.
|
|
Community Rules
In addition, the VRT maintains a community ruleset that contains rules submitted by members of the open source community. While these rules are available as is, the VRT performs basic tests to ensure that these rules will work using Snort. They are distributed under the GPL and are freely available to all open source Snort users.
About the Sourcefire Vulnerability Research Team
The Sourcefire Vulnerability Research Team (VRT) is a group of leading edge intrusion detection and prevention experts working to discover, assess and respond to the latest trends in hacking activity, intrusion attempts and vulnerabilities. This team is also supported by the vast resources of the open source Snort community, making it the largest group dedicated to advances in network security industry.
|
