Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.


Latest Open Source Innovation Enables Users to Tie Together Various Threat Collection and Detection Technologies for Faster, Coordinated Protection

Wokingham, UK: 28th July, 2010 – Sourcefire, Inc. (Nasdaq:FIRE), the creator of Snort® and a leader in intelligent cybersecurity solutions, today announced Razorback™, an open source framework designed to deliver deep inspection capabilities for combating today’s most complex threats. In addition, Razorback has the ability to link together an organization’s detection investments and maximize their effectiveness -- providing greater visibility and intelligence into the threats detected by a variety of security solutions. Developed to help coordinate the response against Advanced Persistent Threats (APT), Razorback enables users to easily collect, analyze and store threat data from disparate technologies, so that they can implement customized enterprise- and threat-specific detection and remediation.

"The fear attributed to the common computer security breach has been elevated by the concept of an adaptive persistent adversary (APA) and the potential for multiple advanced persistent threat (APT) vectors," explains Andrew Hay, Senior Analyst at The 451 Group. "We are pleased to see this evolutionary step in the right direction, and hope it is the first of many."

¬Razorback’s goal is to act as an overlay solution and deliver centralized correlation, analysis and action by coordinating Intelligence Driven Response (IDR) processes using custom built and existing security tools (anti-virus, IDS, gateways, email, etc.). IDR goes beyond traditional incident response. It allows users to drive the information learned about specific attackers back into their security infrastructure for a truly customizable response to human adversaries. Razorback provides deep analysis and reporting by storing, in full, every piece of data identified that could indicate a compromise or attack and specifically highlights the components of that data which cause the system to trigger an alert. Additionally, Razorback enables targeted forensics information on common attack vectors.

“Open source is at the core of everything Sourcefire does, and Razorback is the latest innovation providing users with the ability to protect themselves from today’s sophisticated threats,” said Martin Roesch, Founder and CTO of Sourcefire® and Creator of Snort. “Sourcefire is known for pushing the detection envelope and Razorback’s near-real time detection and analysis engine delivers a timely solution for addressing client-side malware and attacks. We leveraged this knowledge to provide a framework that can tie together disparate security technologies and convert intelligence gathered on attacker methodology into detection and remediation capabilities.”

The innovative Razorback framework performs detection in near-real time (in terms of seconds), allowing for in-line blocking on “store and forward” services, such as email services or web proxies, and providing timely alerts in the event of an attack. It also provides enterprises with the ability to convert intelligence gathered on attacker methodology into detection capabilities, enabling them to rapidly develop and protect against targeted threats or Zero-Day vulnerabilities.

“Razorback was designed to address the current challenges of today's threat landscape where attackers are specifically creating attacks to avoid off the shelf tools and technologies,” said Matt Watchinski, Senior Director of the Sourcefire Vulnerability Research TeamTM (VRT). “The power is in combining the intelligence of an organization’s security infrastructure with fast and detailed analysis. By providing advanced detection capabilities for uncovering highly obfuscated, difficult-to-detect attacks along with detailed output, Razorback gives response teams a head start on analyzing attacks.”

A simple interface allows enterprises to integrate and extend functionality quickly and easily. Sourcefire will continue to develop additional capabilities and publish data collectors, detection engines, analysis software and output handlers to maximize the value of Razorback and encourage innovation from the open s¬ource community. Like other open source technologies, Razorback is available at no charge. To learn more about Razorback or download a copy, go to:

Sourcefire is scheduled to speak at DEFCON, August 1, 2010 at 3 p.m. To learn more about Razorback, journalists are invited to attend the session: Open Source Framework for Advanced Intrusion Detection Solutions.

About the Sourcefire Vulnerability Research Team (VRT)
The Sourcefire Vulnerability Research Team (VRT) is a group of leading intrusion prevention experts working to discover, assess and respond to the latest trends in hacking activity, intrusion attempts and vulnerabilities. The VRT includes some of the most renowned security professionals in the industry, including the authors of several standard security reference books. This team is also supported by the vast resources of the open source Snort and ClamAV communities, making it the largest group dedicated to advances in the network security industry. To keep up to date with the VRT’s research and insights into network security visit

About Sourcefire
Sourcefire, Inc. (Nasdaq:FIRE) is a world leader in intelligent Cybersecurity solutions. Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risks. Sourcefire’s IPS and Real-time Adaptive Security solution equips customers with an efficient and effective layered security defense – protecting network assets before, during and after an attack. Through the years, Sourcefire has been consistently recognized for its innovation and industry leadership by customers, media and industry analysts alike – with more than 50 awards and accolades. Today, the names Sourcefire and founder Martin Roesch have grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit

SOURCEFIRE®, SNORT®, RAZORBACK™, the Sourcefire logo, the Snort and Pig logo, SECURITY FOR THE REAL WORLD™, SOURCEFIRE DEFENSE CENTER®, SOURCEFIRE 3D®, RNA®, RUA™, DAEMONLOGGER™, CLAMAV® and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries. Other company, product and service names may be trademarks or service marks of others.

Media Contact - Annette Finch, 01189 001135

Investor Contact - Tania Almond, Investor Relations Sourcefire - 001 410.423.1919

This press release was distributed by ResponseSource Press Release Wire on behalf of C8 Consulting in the following categories: Business & Finance, Computing & Telecoms, for more information visit