Sourcefire VRT® (Vulnerability Research Team)

The Sourcefire VRT® (Vulnerability Research Team) is a group of elite cyber security experts dedicated to serving both Sourcefire commercial customers and open source users. The Sourcefire VRT was founded on one core objective: "Protecting 'Your' Network." While this may sound simplistic, in reality it is quite complex. Every network is different- from the applications running on it, to the users who work on it, to the policies that govern it. This is why the Sourcefire VRT believes that in order to be effective in helping you protect "your" network, we have to be more than just a traditional response organization; we have to be a proactive member of your security ecosystem. 

THIRD PARTY VALIDATION
The Sourcefire VRT is well known in the industry for its excellence in detecting the myriad vulnerabilities and exploits that emerge daily. Using high quality, rapid releases on a biweekly basis, the Sourcefire VRT keeps all of our customers up-to-date with vulnerability-based protections for the latest threats. While other vendors claim similar coverage, only the Sourcefire VRT has proven time and time again in third-party validation that our detection content is top notch. Sourcefire VRT has led the NSS Labs Network IPS test in detection rate with close to 100% detection two years running. Additionally, ICSA Labs has certified the Sourcefire VRT's vulnerability protections for the last five years with 100% detection rates in vulnerability tests. The Sourcefire VRT are also key contributors to community lead intelligence programs. Working in partnership with the SANS institute, the Sourcefire VRT are key contributors to the SANS @RISK Security Consensus Alert, a community resource that provides actionable weekly intelligence. This widely respected resource contains newly discovered attack vectors, vulnerabilities with active new exploits, insightful explanations of how recent attacks worked, and detailed intelligence of live in-the-wild malware.

AEGIS - EXTENDING YOUR TEAM
Having a trusted place to turn when the going gets tough is essential to effective security. Without strong communication channels between trusted partners, other security teams, and the response teams of your security vendors it is impossible to stay up to date on the latest threats, and solve your unique security problems. The Sourcefire VRT believes we should be an extension of your security team. We don’t just push information at you, we want to have constructive conversations about your goals and how we can help you reach them.

REAL-TIME MALWARE INTELLIGENCE
Using data acquired through the millions of users worldwide, along with honeypots, sandnets, and extensive industry partnerships in the malware community, the Sourcefire VRT collects more than 100,000 malicious software samples a day. Through our advanced analysis infrastructure and our team of security experts, the Sourcefire VRT automatically analyzes these samples and rapidly generates detection content to mitigate these threats on a daily basis.

KEY VRT RESPONSIBILITIES

• Vulnerability research
• Snort® IPS rules (SRU/SEU)
• Vulnerability database (VDB)
• FireAMP malware reports
• Reputation data feeds
• ClamAV® malware signature
• ClamAV® engine

Catch the latest news from the Sourcefire VRT on their official blog page here. To learn more about the Sourcefire VRT Rule Methodology and process for writing, testing and publishing new rules, download the Sourcefire Vulnerability Research Team white paper.