Sourcefire, a provider of intelligent cybersecurity offerings, has introduced Razorback, an open source framework, which allows users to collect, analyse and store threat data from disparate technologies, so that they can implement customised enterprise and threat-specific detection and remediation.
The company said the the Razorback has the ability to link together an organisation’s detection investments and maximise their effectiveness by providing visibility and intelligence into the threats detected by a variety of security offerings.
In addition, the offering delivers centralised correlation, analysis and action by coordinating Intelligence Driven Response (IDR) processes using custom built and existing security tools (anti-virus, IDS, gateways, and email).
The new offering performs detection in near-real time and provides enterprises with the ability to convert intelligence gathered on attacker methodology into detection capabilities, enabling them to develop and protect against targeted threats or Zero-Day vulnerabilities.
Matt Watchinski, senior director of the Vulnerability Research Team at Sourcefire, said: "Razorback was designed to address the current challenges of today’s threat landscape where attackers are specifically creating attacks to avoid off the shelf tools and technologies.
"The power is in combining the intelligence of an organisation’s security infrastructure with fast and detailed analysis. By providing advanced detection capabilities for uncovering highly obfuscated, difficult-to-detect attacks along with detailed output, Razorback gives response teams a head start on analysing attacks."
