Sourcefire Vulnerability Research Team


The Sourcefire Vulnerability Research Team (VRT) was a group of network security engineers who discovered and assessed trends in hacking activities, intrusion attempts, and vulnerabilities. Members of the Sourcefire VRT included the ClamAV team as well as authors of several standard security reference books and articles. The Sourcefire VRT was also supported by the resources of the open source Snort and ClamAV communities.
The group focused on developing vulnerability-based rules to protect against emerging exploits for Sourcefire customers and Snort users. The VRT provided zero-day protection for outbreaks of malware, including Conficker, Netsky, Nachi, Blaster, Sasser, and Zotob, among others. The VRT also delivered rules that provided same-day protection for Microsoft Tuesday vulnerabilities, developed the official Snort rules used by the Sourcefire 3D System, developed and maintained the official rule set of Snort.org, and maintained shared object rules that were distributed for various platforms in binary format.
Following the Cisco acquisition of Sourcefire, in 2014 the VRT combined with Cisco's TRAC and SecApps group to form Cisco Talos.