Integration with QualysGuard Allows Sourcefire to Adapt Protection to Known Vulnerabilities on a Customer’s Network

Sourcefire and Qualys today announced a product collaboration in which Sourcefire’s IPS (Intrusion Prevention System) will integrate with Qualys’ QualysGuard Vulnerability Management solution.

As part of the collaboration, Sourcefire is delivering a new Qualys Connector, which will associate threats detected by the Sourcefire IPS with host vulnerabilities detected by the QualysGuard Vulnerability Management system.

The combined solution delivers increased contextual data – helping security analysts prioritize intrusion alerts. The Sourcefire IPS can determine if a host is actually vulnerable to a given exploit and adapt its protection accordingly. The increased visibility into system vulnerabilities allows the Sourcefire IPS to reduce the number of intrusion events at the sensor level and self tune its protection and increase the precision of its alerting and blocking.

According to a recent report by Gartner, “Context-aware and adaptive security will be the only way to securely support the IT infrastructures emerging during the next 10 years.” Moreover, “Context-aware security is the use of supplemental information to improve security decisions at the time the decision is made, resulting in more-accurate security decisions capable of supporting more-dynamic business and IT environments.”1

“With the increased sophistication and frequency of attacks, customers need more effective solutions to respond quickly and protect the network from these threats,” said Wolfgang Kandek, CTO at Qualys.

1Gartner, May 14, 2010, The Future of Information Security is Context Aware and Adaptive.