The Sourcefire Vulnerability Research Team (VRT) is a group of network security engineers which discover and assess trends in hacking activities, intrusion attempts, and vulnerabilities. Members of the Sourcefire VRT include the ClamAV team as well as authors of several standard security reference books and articles. The Sourcefire VRT is also supported by the resources of the open source Snort and ClamAV communities.
The group focuses on developing vulnerability-based rules to protect against emerging exploits for Sourcefire customers and Snort users. The VRT has provided zero-day protection for outbreaks of malware, including Conficker, Netsky, Nachi, Blaster, Sasser, Zotob, Nachi among others. The VRT also delivers rules that provide same day protection for Microsoft Tuesday vulnerabilities, develops the official Snort rules used by the Sourcefire 3D System, develops and maintains the official rule set of Snort.org, and maintains shared object rules that are distributed for various platforms in binary format.