Thursday, May 2, 2019

Snort rule update for May 2, 2019

Just released:
Snort Subscriber Rule Set Update for May 2, 2019

Cisco Talos just released the newest SNORT® rule set. This release includes 34 new rules, four of which are shared object rules. There are also seven modified rules, one of which is a shared object rules.

This release is the first of a number of additions to the max-detect policy to make it a heavily detection-focused policy. As such, performance will be impacted if this policy is enabled. It's highly recommended that users test this policy's performance before deploying it in production environments. Therefore, there are a large number of modified rules today that could make downloading this set take longer than usual.

There were no changes made to the snort.conf in this release.

Talos's rule release:
Talos also has added and modified multiple rules in the browser-ie, browser-plugins, deleted, policy-other, protocol-voip and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.