Sourcefire Takes Security Threat Analysis To New Level

Sourcefire, which is best known for its open source Snort IDS, released Razorback in the hopes of allowing broader visibility. This new framework, according to a Sourcefire statement, is designed to protect multi-vendor threats by using a company’s own detection investments.

Razorback specifically targets Advanced Persistent Threats, or APT, to analyze threat data from several sources and prevent future attacks. In nearly real-time, the Razorback framework conducts detection on e-mail or Web proxies, for example, then alerts enterprises.

The Razorback framework also allows for conversion from intelligence to detection capabilities, and uses a basic interface to incorporate functionality.

By using its Intelligence Driven Response process, Razorback will act as an overlay solution and deliver centralized correlation, according to Sourcefire. This IDR technology facilitates affected users to customize responses to their security attacks, and targets the specific components that cause the alert.

"Open source is at the core of everything Sourcefire does, and Razorback is the latest innovation providing users with the ability to protect themselves from today’s sophisticated threats," said Martin Roesch, Founder and CTO of Sourcefire and Creator of Snort, in a statement.