Nmap based open source vulnerability detection
Posted on 22 May 2007.
Snort creator, Sourcefire, Inc. and Insecure.Org, the creator of the Nmap Security Scanner, today announced a licensing agreement for the parties to jointly develop open source vulnerability scanning technology based on the general purpose Nmap Scripting Engine (NSE) embedded within the popular Nmap network discovery tool. Under the agreement, Insecure.Org will develop the engine while the Sourcefire Vulnerability Research Team (VRT) will develop and contribute plug-ins for discovering specific vulnerabilities.
 
“Sourcefire was built on the premise of combining open source technologies with proprietary innovation and funded research to produce world-class solutions for our customers,” said Martin Roesch, Sourcefire’s Chief Technology Officer and the original author of Snort. “This joint effort exemplifies the spirit of the open source community, combining Insecure.Org’s active scanning expertise with Sourcefire’s vulnerability research capabilities to deliver a powerful new open source scanning technology. As open source leaders and innovators, both of our organisations are dedicated to providing users with the best possible technology to address their security issues, and we are very excited by the capabilities that this relationship will deliver.”
 
The new engine technology will be available within the open source Nmap Security Scanner as well as bundled into the Sourcefire 3D™ System. When combined with Sourcefire RNA as part of the award-winning 3D System, these new active scanning capabilities will enable customers to coordinate passive network discovery with surgical active scanning for a sophisticated approach to vulnerability detection. Users of Sourcefire RNA will be able to identify real-time network changes and then use the Nmap capabilities to deliver specific vulnerability information for only those assets that have been added or changed, significantly reducing scanning times, enhancing network performance and providing detailed analysis much more quickly than traditional solutions.
 
“This partnership is an exciting moment for the Nmap project,” said Nmap creator and lead developer Fyodor. “Nmap has grown over the years from simply enumerating open port numbers to identifying remote operating systems and application versions. With NSE we are taking the next step forward by facilitating advanced network discovery and vulnerability detection. We are grateful to Sourcefire for lending the talents of their exceptional VRT team to this project, and we are happy to see the technology providing value to Sourcefire’s enterprise customers as well.”
 
Vulnerability management is a common security best practice required by a wide array of government and industry security regulations. This new scanning technology will help security professionals perform vulnerability assessments. As organisations migrate to IPv6 environments, Sourcefire believes that the efficiency of a combined approach using both passive and active assessment technologies will be necessary for effective risk assessment.
 
An alpha release of the Nmap Scripting Engine with a number of initial scripts is now available at http://insecure.org/nmap/download.html. The commercial Sourcefire version is expected to be embedded in the 3D System beginning in the first quarter of 2008.
 





Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Nov 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //