Snort Rules

Welcome to the Snort Rules Download Section. Over the past few years the Sourcefire Vulnerability Research Team (VRT) has invested numerous resources and done considerable work to improve the quality and timeliness of the Snort rules. Now Sourcefire is pleased to announce that we are increasing the value provided by the VRT by making "VRT Certified Rules" available to Snort users at the same time as Sourcefire customers - up to 5 days faster than before.

Sourcefire VRT Certified Rules

Sourcefire VRT Certified Rules are the official rules of snort.org. Each rule has been rigorously tested against the same standards the VRT uses for Sourcefire customers. These rules are distributed under the new VRT Certified Rules License Agreement that restricts commercial redistribution. There are three ways to obtain these rules:

• Subscribers receive real-time rules updates as they are available – Learn more about subscription highlights here
• Registered users can access rule updates 5 days after release to subscription users.
• Unregistered users receive a static ruleset at the time of each major Snort Release

Community Rules

In addition, the VRT is pleased to announce that will be  maintaining a community ruleset that contains rules submitted by members of the open source community. While these rules are available “as is,” the VRT performs basic tests to ensure that new rules will not break Snort. These rules are distributed under the GPL and are freely available to all open source Snort users.

Latest Sourcefire VRT Rules Updates

About the Sourcefire Vulnerability Research Team

The Sourcefire Vulnerability Research Team (VRT) is a group of leading edge intrusion detection and prevention experts working to discover, assess and respond to the latest trends in hacking activity, intrusion attempts and vulnerabilities. This team is also supported by the vast resources of the open source Snort community, making it the largest group dedicated to advances in network security industry.