Open source innovator and SNORT creator, Sourcefire, Inc., and Insecure.Org, the creator of the Nmap Security Scanner, today announced a licensing agreement for the parties to jointly develop open source vulnerability scanning technology based on the general purpose Nmap Scripting Engine (NSE) embedded within the Nmap network discovery tool.

Under the agreement, Insecure.Org will develop the engine while the Sourcefire Vulnerability Research Team (VRT) will develop and contribute plug-ins for discovering specific vulnerabilities.

The new engine technology will be available within the open source Nmap Security Scanner as well as bundled into the Sourcefire 3D System. When combined with Sourcefire RNA as part of the 3D System, these new active scanning capabilities will enable customers to coordinate passive network discovery with surgical active scanning. Users of Sourcefire RNA will be able to identify real-time network changes and then use the Nmap capabilities to deliver specific vulnerability information for only those assets that have been added or changed.

An alpha release of the Nmap Scripting Engine with a number of initial scripts is now available for download. The commercial Sourcefire version is expected to be embedded in the 3D System beginning in the first quarter of 2008.

Tags: Nmap, Snort,

Related Articles: