Sourcefire Vulnerability Research Team (VRT)


Sourcefire VRT Certified Rules

Sourcefire VRT Certified Rules are the official rules of snort.org. Each rule has been rigorously tested against the same standards the VRT uses for Sourcefire customers. These rules are distributed under the new VRT Certified Rules License Agreement, which restricts commercial redistribution. There are three ways to obtain these rules:

  • Subscribers receive real-time rule updates as they become available. Get more subscription highlights here.
  • Registered users can access rule updates 30 days after release to subscription users.
  • Unregistered users receive a static ruleset at the time of each major Snort release.

View the Sourcefire VRT Certified Rules Lifecycle Policy here


Featured VRT Tool
OfficeCat
This tool processes Microsoft Office files to determine the possible presence of exploit conditions in the file. More information can be found here.
VRT Whitepaper
The Sourcefire Vulnerability Research Team (VRT) Analysis of the Dan Kaminsky DNS Vulnerability
Discusses the DNS vulnerability made famous in 2008 by Dan Kaminsky and suggests detection methods using Snort rules. Get it here.

Microsoft Advisory Information

Map of Microsoft Advisories to Snort Rules - Current year - Previous years

Community Rules

In addition, the VRT maintains a community ruleset that contains rules submitted by members of the open source community. While these rules are available as is, the VRT performs basic tests to ensure that these rules will work using Snort. They are distributed under the GPL and are freely available to all open source Snort users.

About the Sourcefire Vulnerability Research Team

The Sourcefire Vulnerability Research Team (VRT) is a group of leading-edge intrusion detection and prevention experts working to discover, assess and respond to the latest trends in hacking activity, intrusion attempts and vulnerabilities. This team is also supported by the vast resources of the open source Snort community, making it the largest group dedicated to advances in the network security industry.
