IBM Gets Behind Snort, Expands Anomaly Detection
"Since its debut in 1998, the open-source Intrusion Prevention System (IPS) known as Snort
has become a popular platform for security signatures to protect
enterprise IT assets. Today, IBM announced support for Snort signatures
as part of an expanded security threat analytics capability that is
designed to alert organizations to suspicious outbound traffic from
infected "zombie" computers.
According to IBM, enterprises are increasingly exposed to new and
advanced threats that may have already invaded the corporate network. In
addition to support for Snort signatures, IBM's expanded Advanced
Threat Protection Platform includes the QRadar Network Anomaly Detection appliance, which is designed to analyze network traffic and report suspicious behavior."