New Technology Delivered in Both Commercial and Open Source Forms
COLUMBIA, Md.--(BUSINESS WIRE)--May 22, 2007--Open source
innovator and SNORT (R) creator, Sourcefire, Inc., and Insecure.Org,
the creator of the Nmap(R) Security Scanner, today announced a
licensing agreement for the parties to jointly develop open source
vulnerability scanning technology based on the general purpose Nmap
Scripting Engine (NSE) embedded within the popular Nmap network
discovery tool. Under the agreement, Insecure.Org will develop the
engine while the Sourcefire Vulnerability Research Team (VRT) will
develop and contribute plug-ins for discovering specific
vulnerabilities.
"Sourcefire was built on the premise of combining open source
technologies with proprietary innovation and funded research to
produce world-class solutions for our customers," said Martin Roesch,
Sourcefire's Chief Technology Officer and the original author of
Snort. "This joint effort exemplifies the spirit of the open source
community, combining Insecure.Org's active scanning expertise with
Sourcefire's vulnerability research capabilities to deliver a powerful
new open source scanning technology. As open source leaders and
innovators, both of our organizations are dedicated to providing users
with the best possible technology to address their security issues,
and we are very excited by the capabilities that this relationship
will deliver."
The new engine technology will be available within the open source
Nmap Security Scanner as well as bundled into the Sourcefire 3D(TM)
System. When combined with Sourcefire RNA as part of the award-winning
3D System, these new active scanning capabilities will enable
customers to coordinate passive network discovery with surgical active
scanning for a sophisticated approach to vulnerability detection.
Users of Sourcefire RNA will be able to identify real-time network
changes and then use the Nmap capabilities to deliver specific
vulnerability information for only those assets that have been added
or changed, significantly reducing scanning times, enhancing network
performance and providing detailed analysis much more quickly than
traditional solutions.
"This partnership is an exciting moment for the Nmap project,"
said Nmap creator and lead developer Fyodor. "Nmap has grown over the
years from simply enumerating open port numbers to identifying remote
operating systems and application versions. With NSE we are taking the
next step forward by facilitating advanced network discovery and
vulnerability detection. We are grateful to Sourcefire for lending the
talents of their exceptional VRT team to this project, and we are
happy to see the technology providing value to Sourcefire's enterprise
customers as well."
Vulnerability management is a common security best practice
required by a wide array of government and industry security
regulations. This new scanning technology will help security
professionals perform vulnerability assessments. As organizations
migrate to IPv6 environments, Sourcefire believes that the efficiency
of a combined approach using both passive and active assessment
technologies will be necessary for effective risk assessment.
Availability
An alpha release of the Nmap Scripting Engine with a number of
initial scripts is now available at
http://insecure.org/nmap/download.html. The commercial Sourcefire
version is expected to be embedded in the 3D System beginning in the
first quarter of 2008.
About Nmap
Nmap ("Network Mapper") is a free open source utility for network
exploration and security auditing. It was designed to rapidly scan
large networks, although it also works against single hosts. Nmap uses
raw IP packets in novel ways to determine what hosts are available on
the network, what services (application name and version) those hosts
are offering, what operating systems (and OS versions) they are
running, what type of packet filters/firewalls are in use, and dozens
of other characteristics. Nmap runs on most types of computers and
both console and graphical versions are available at www.insecure.org.
Nmap is a registered trademark of Insecure.com, LLC
About Sourcefire
Sourcefire, Inc. (Nasdaq: FIRE), SNORT (R) creator and open source
innovator, is a world leader in Enterprise Threat Management (ETM)
solutions. Sourcefire is transforming the way Global 2000
organizations and government agencies manage and minimize network
security risks with its 3D Approach - Discover, Determine, Defend - to
securing real networks. The Sourcefire 3D System is the first to unify
IPS, NBA, NAC and Vulnerability Assessment technologies under the same
management console. This ETM approach equips customers with an
efficient and effective layered security defense - protecting network
assets before, during and after an attack. Through the years,
Sourcefire has been consistently recognized for its innovation and
industry leadership by customers, media and industry analysts alike -
with more than 30 awards and accolades. Recently, Sourcefire was
positioned in the Leaders Quadrant of Gartner's "Magic Quadrant for
Network Intrusion Prevention System Appliances 2H06" report, and the
Sourcefire 3D System was named "Best Security Solution" at the 2006 SC
Magazine Awards. Today, the names Sourcefire and founder Martin Roesch
have grown synonymous with innovation and network security
intelligence. For more information about Sourcefire, please visit
http://www.sourcefire.com.
SOURCEFIRE(R), SNORT(R), the Sourcefire logo, the Snort and Pig
logo, SECURITY FOR THE REAL WORLD(TM), SOURCEFIRE DEFENSE CENTER(TM),
SOURCEFIRE 3D(TM), RNA(TM), DAEMONLOGGER(TM) and certain other
trademarks and logos are trademarks or registered trademarks of
Sourcefire, Inc. in the United States and other countries.
Cautionary Language Concerning Forward-Looking Statements
The statements contained in this release that are not historical
facts are "forward-looking statements" (as such term is defined in the
Private Securities Litigation Reform Act of 1995) that involve risks
and uncertainties. These statements, which can be identified by words
or expressions such as "will," "believe," "expect" and similar
expressions, include our expectations regarding the effectiveness of
the Nmap vulnerability scanner being developed in partnership with
Insecure.org and the timing for commercial release of the product, our
ability to successfully integrate the Nmap solution into our 3D system
and to integrate our RNA capabilities across our intrusion prevention,
NBA, NAC and Vulnerability Assessment security components, as well as
whether that integration will provide our customers with the necessary
user awareness to enable them to immediately identify, list and
respond to suspect users. Management cautions the reader that these
forward-looking statements are only predictions and are subject to a
number of both known and unknown risks and uncertainties, including
whether or not Sourcefire's RNA technology and our products are
effective or gain acceptance in the marketplace, and our ability to
successfully rollout the Nmap solution as part of our product
offerings. Actual results, performance, and/or achievements of
Sourcefire, Inc. may differ materially from the future results,
performance, and/or achievements expressed or implied by these
forward-looking statements. These factors include, without limitation,
those risks and uncertainties described from time to time in the
reports filed by Sourcefire, Inc. with the Securities and Exchange
Commission. Sourcefire, Inc. undertakes no obligation to update any
forward-looking statements.
CONTACT: Welz & Weisel Communications
Tony Welz, 703-218-3555 x226
Principal
tony@w2comm.com
or
Investors:
Sourcefire, Inc.
Tania Almond, 410-423-1919
Investor Relations Officer
tania.almond@sourcefire.com
SOURCE: Sourcefire, Inc
