Snort mailing list archives
Re: question :: interest in testing SENF preprocessor for Snort?
From: Joel Esler <jesler () sourcefire com>
Date: Thu, 25 Jul 2013 15:24:03 -0400
How is this different than the Sensitive Data preprocessor that is already built into Snort? On Thu, Jul 25, 2013 at 2:44 PM, Beasley, Cam <cam () utexas edu> wrote:
all -- we've developed what we think to be a very efficient and effective Snort preprocessor for identifying SSNs, CCNs, MRNs (Medical Record Numbers), and other personally identifiable strings of data and we are wondering if there are any others who might be interested in testing this out with us. we've been running this on Sourcefire appliances serving networks that steadily operate at 20+Gbps since 2007 with great results.. we've managed to keep the false positive rate extremely low and the preprocessor adds minimal load to the sensors -- plus it outperforms the existing snort dlp preprocessor by good deal. we're looking for a few testers who we would extend a customer license to at no cost. we'll help you get the preprocessor setup and we'd simply ask that you tell us how it performs for you. we'd like to get at least two open source snort users and one Sourcefire user. feel free to contact me offline if you have questions or would like to participate. thanks, ~cam. Cam Beasley Chief Information Security Officer Information Security Office | UT Austin cam () utexas edu | 512.475.9476 http://security.utexas.edu =============================== ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
-- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire
------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- question :: interest in testing SENF preprocessor for Snort? Beasley, Cam (Jul 25)
- Re: question :: interest in testing SENF preprocessor for Snort? Joel Esler (Jul 25)
- Re: question :: interest in testing SENF preprocessor for Snort? Beasley, Cam (Jul 25)
- Re: question :: interest in testing SENF preprocessor for Snort? Joel Esler (Jul 25)