|
|
What is
Snort?
SNORT® is an open source network intrusion prevention
and detection system utilizing a rule-driven language, which combines
the benefits of signature, protocol and anomaly based inspection
methods. With millions of downloads to date, Snort is the most widely
deployed intrusion detection and prevention technology worldwide and
has become the de facto standard for the industry.
|
|
|
We’re pleased to introduce our first beta release built on the new Snort 3.0 architecture. SnortSP is an open-source platform for running packet-based network security applications, including the Snort 2.8.2.1 detection engine. SnortSP introduces a new shell-based user interface, a multi-threaded execution module, native IPv6 support, performance improvements, and more.
Get more info on SnortSP here. |
Project Spotlight |
Snort Users Webcast Series - Writing Effective Rules Part 1
In this latest Snort Users Webinar, Matt Olney of the Sourcefire VRT discusses the VRT's methodology for writing effective Snort Rules and what you need to know about Snort to take on rule writing.
This 60 minute session covers:
Detection theory | Snort’s architecture | Rule options available in Snort
View the webcast | download the slides |
Document Spotlight |
Sourcefire Vulnerability
Research Team (VRT) White Paper
White Paper covering the capabilities and
processes followed by the Sourcefire VRT in writing rules.
Get it here. |
|
|
|
|
|