Why Subscribe?
Snort has long been recognized as the de facto standard for
intrusion detection and prevention. The power, precision and
flexibility of the technology and the robust rules language enable the
industry's most comprehensive threat coverage. Understanding that
attackers are constantly developing new methods of attack, uncovering
new vulnerabilities and exploiting known weaknesses in commonly
deployed systems, Sourcefire created the Sourcefire Vulnerability
Research Team (VRT) to ensure our customers stay one step ahead of the
latest threats.
Over the past few years the Sourcefire VRT has helped to take Snort rules
to the next level, ensuring that rules are accurate and fully tested
before they are released to the community. They also focus their
efforts on writing complex rules for underlying vulnerabilities as well
as exploits. This new holistic approach offers Snort users detection
coverage in advance of actual threats and often before the Snort user
is even aware that coverage is needed.
Subscribers receive:
- The fastest access to Sourcefire VRT Certified Rule updates
- The same quality ruleset developed for Sourcefire customers – 30
days faster than registered users
- Coverage in advance of exploits - The
Sourcefire VRT proactively focus on the underlying vulnerability, rather than
simply reacting to known attacks
- The ability to submit false positives/negatives
directly to the Sourcefire VRT – A detailed submission form sends false
positives/negatives reports directly to the VRT
With the Sourcefire VRT subscription service, we are able to extend the same commercial-level coverage that Sourcefire customers receive to Snort® users.
Subscription options:
- Personal
- This subscription type is for use in a home network environment or for educational purposes only.
- Business - This subscription type is for use in businesses, non-profit organizations, colleges and universities, government agencies, consultancies, etc where Snort sensors are in use in a production or lab environment. This subscription type does not include license to redistribute VRT Certified Rules except as described in section 2.1 of the VRT license agreement.
- Integrator – This subscription type is an OEM license for businesses that intend to distribute Sourcefire VRT Certified Rules as part of an integrated product or service offering. For more information on the Snort Integrator program contact us here snort-license@sourcefire.com.
Subscription pricing:
| Subscription Type |
Pricing |
Sensor(s) |
| Personal (available only online) |
$29.99 |
1 |
| Business |
$499 (annual) |
1-5 |
| Business |
$399 (annual) |
6+ |
| Integrator |
|
|
For additional subscription information,
please submit a contact request
or call 800.501.6008. The Most Comprehensive Protection Available
In addition to the Sourcefire VRT research and standard feeds, the early
warnings provided by the open source community give the Sourcefire VRT
insight and access to vulnerability data well before exploits are
available. This enables them to proactively focus on the underlying
vulnerability, rather than reacting to known attacks. By leveraging the
flexibility of the Snort rules language, the Sourcefire VRT is able to provide
detection and prevention capabilities well in advance of an actual
threat. For example, when the team learned of a vulnerability in
Microsoft RPC DCOM they immediately recognized the potential for
devastating attacks. Within days they were able to release new Snort
rules to detect attempts to exploit this vulnerability. When the
Blaster worm, which uses this attack vector, was released weeks later,
users were already protected.
About the Sourcefire VRT
The Sourcefire VRT is a group of
leading edge intrusion detection and prevention experts working to
discover, assess and respond to the latest trends in hacking activity,
intrusion attempts and vulnerabilities. This team is also supported by
the vast resources of the open source Snort community, making it the
largest group dedicated to advances in network security industry.
|
