VigilantMinds/Sourcefire Discover and Fix Flaw in Pervasive Intrusion Prevention System; Global Security Community Proactively Improves Snort®, the Leading Open-Source IPS

Business Wire, June 6, 2006

PITTSBURGH -- VigilantMinds, a global provider of information security services and solutions, and Sourcefire, the world leader in network intrusion prevention, worked quickly to identify and remedy flaws in open source Snort(R), the most widely deployed Intrusion Prevention System (IPS) and a fundamental security component of thousands of networks.

The Computer Emergency Response Team (CERT) and the SANS Attack Attribution Research Group recently conducted research into the effects of malformed TCP/IP packets on certain classes of software and hardware. CERT reached out to VigilantMinds to determine if their findings had implications for IPS applications. VigilantMinds was able to identify a flaw and demonstrate an exploit that would allow malicious hackers to circumvent monitoring from Snort. VigilantMinds then worked through CERT to coordinate with Sourcefire on the creation of a patch and quick resolution of the potential evasion.

"It's important that the information security community works together proactively to address security concerns in a responsible manner," said Dave Keener, Chief Security Officer of VigilantMinds. "At VigilantMinds, we consider it a responsibility and privilege to contribute our expertise to the global effort of securing information and business systems. It was great to have Sourcefire acknowledge our findings, but most importantly to work with us to quickly and aggressively mitigate the situation. The responsible actions taken by all parties essentially ensure the continued protection for millions of systems around the world."

Sourcefire Chief Technology Officer Martin Roesch originally developed Snort in 1998, and Sourcefire continues to refine and improve the code for free use by the global community. The subtle flaw in Snort required a deep analysis of the code-set and revealed related bugs that were also patched. To address these issues, Sourcefire has released Snort v2.4.5 and v2.6.0

"Snort plays a pervasive role in guarding major networks across the world," said Martin Roesch, creator of Snort and CTO at Sourcefire. "We are pleased that once again the open source development methodology has been validated as a route to provide world-class technology through collaboration between the developers and the user community."

About VigilantMinds

VigilantMinds is a global provider of security services and solutions. VigilantMinds' managed services safeguard clients, providing a 24x7 proactive defense and continual awareness of shifting security concerns. VigilantMinds leverages real-time visibility to networks around the globe to assess and react to emerging and evolving threats, and provides expert counsel to help companies adopt best practices in their industries, meet security goals, and comply with specialized regulations in ways that add value to operations. VigilantMinds offers experienced consultation and services across industry with an emphasis on financial services, healthcare, retail, and mid-market enterprises. For more information, please visit www.vigilantminds.com

About Sourcefire

Sourcefire, Inc., the world leader in intrusion prevention, is transforming the way organizations manage and minimize network security risks with its 3D Approach - Discover, Determine, Defend - to securing real networks in real-time. The company's ground-breaking network defense system unifies intrusion and vulnerability management technologies to provide customers with the most effective network security available. Founded in 2001 by the creator of open source Snort(R), Sourcefire is headquartered in Columbia, MD. At work in leading Fortune 1000 and government organizations, the names Sourcefire and founder Martin Roesch have grown synonymous with innovation and intelligence in network security.