Security Bytes

Sep 12 2011   9:29PM GMT

Sourcefire pushes new ‘Agile’ message to market

Michael Mimoso Profile: maxsteel

Since going public in 2007, network security company Sourcefire Inc., the home of the open source Snort intrusion detection and prevention system, has been busy expanding the breadth of its offerings – and has done so primarily via acquisition. Strategically, it’s a smart move to branch out beyond IDS and into endpoint (Clam AV) and cloud-based protection (Immunet), but the company has admittedly struggled with its identity because of Snort’s tremendous brand.

Today, the company launched a new campaign promoting what it’s calling Agile Security designed to put the message front and center to the market and customers that Sourcefire is deeper than just Snort. The company, founded by Marty Roesch, wants to position its products as a counter to today’s dynamic attacks.

“Traditional security is static; set-it-and-forget-it security doesn’t help,” said Sourcefire senior VP of marketing Marc Solomon. “Our research shows that 75% of the malware we see on customer environments is seen once. These are polymorphic viruses taking on an average lifespan of less than a day. You can’t throw bodies at it, because you can’t keep up. Attackers are winning.”

Sourcefire says the solution is a mix of automation and intelligence on threats that is applied to enterprise networks to set and enforce policies, and ultimately block rather than alert on attacks if the company so chooses.

“Sourcefire has had trouble articulating its vision; ‘We’re the inventor of Snort.’ That was their tagline. That’s no way to build an enterprise security company,” said Richard Steinnon, founder of IT-Harvest, an analyst firm. Steinnon said Sourcefire’s edge is its context-aware offerings via its RNA product and the attack intelligence gained from its cloud-based Immunet initiative Collective Immunity and the Sourcefire Vulnerability Research Team.

Solomon diagrammed the Agile Security vision in four steps: See, Learn, Adapt and Act. Via RNA, which is being re-branded FireSIGHT, customers will be able to watch network traffic for anomalies as it moves over endpoints, different operating systems, and the network. Networks may then adapt to threats and create rules to either alert or block attacks; an upcoming next-generation firewall is at the heart of this phase of the vision, Solomon said. This automation will enable enterprises to act on intelligence in real time, Solomon said.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: