Cisco has announced that it is delivering the ability to create and integrate new open source application identification capabilities into its Snort engine through the release of OpenAppID.
Open source application detection and control allows users to create, share and implement custom application detection so that they can address new app-based threats.
Open source application detection and control is enabled by Cisco’s new OpenAppID application-focused detection language.
Martin Roesch, creator of Snort and Vice President and Chief Architect, Cisco Security Business Group, said, “Open source is very important because it creates real collaboration and trust between vendors and the experts that are tasked with addressing advanced and aggressive threats. By open sourcing application visibility and control, Cisco is empowering the community to create technically superior solutions to address their most complex and unique security challenges.”
It also supports application detection and reporting; Cisco says OpenAppID enables Snort users to utilise the new detectors to detect and identify applications, and to report on application use.
By providing application-layer context with security-related events, OpenAppID aims to enhance analysis and speed remediation.
Actionable Application Detection and Control ‑ OpenAppID enables Snort to block or alert on detection of certain applications. This helps to reduce risks by managing total threat surface.
Snort is also enabled to block or alert on the detection of certain applications, reducing risk by managing total threat surface.