[Snort-sigs] question :: interest in testing SENF preprocessor for Snort?

Joel Esler jesler at ...435...
Thu Jul 25 15:24:03 EDT 2013


How is this different than the Sensitive Data preprocessor that is already
built into Snort?


On Thu, Jul 25, 2013 at 2:44 PM, Beasley, Cam <cam at ...2156...> wrote:

>
> all --
>
> we've developed what we think to be a very efficient and effective Snort
> preprocessor for identifying SSNs, CCNs, MRNs (Medical Record Numbers), and
> other personally identifiable strings of data and we are wondering if there
> are any others who might be interested in testing this out with us.
>
> we've been running this on Sourcefire appliances serving networks that
> steadily operate at 20+Gbps since 2007 with great results..  we've managed
> to keep the false positive rate extremely low and the preprocessor adds
> minimal load to the sensors -- plus it outperforms the existing snort dlp
> preprocessor by good deal.
>
> we're looking for a few testers who we would extend a customer license to
> at no cost.  we'll help you get the preprocessor setup and we'd simply ask
> that you tell us how it performs for you.
> we'd like to get at least two open source snort users and one Sourcefire
> user.
>
> feel free to contact me offline if you have questions or would like to
> participate.
>
> thanks,
>
> ~cam.
>
>
>
> Cam Beasley
> Chief Information Security Officer
> Information Security Office | UT Austin
> cam at ...2156... | 512.475.9476
> http://security.utexas.edu
> ===============================
>
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
> http://www.snort.org
>
>
> Please visit http://blog.snort.org for the latest news about Snort!
>



-- 
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20130725/adcfbe21/attachment.html>


More information about the Snort-sigs mailing list