Snort 3 was officially released on Tuesday and users have been advised to switch to Snort 3 from any previous version of the popular intrusion prevention and intrusion detection system (IPS/IDS).
Snort is an open source tool developed by Cisco that provides real-time traffic analysis and packet logging capabilities. It has been downloaded millions of times and it has more than 600,000 registered users, with Cisco claiming that it’s the most widely deployed IPS in the world.
The alpha version of Snort 3 was announced in December 2014 and now it has finally become generally available.
Developers say the latest version brings faster and more efficient rules, it runs on multiple operating systems and environments, and it gives users more control.
The list of important improvements also includes better cross-platform support, a shared configuration and attribute table, support for multi-packet processing threads, scriptable configuration, pluggable key components, autodetecting services for portless configuration, autogenerating reference documentation, and support for sticky buffers in rules.
“This latest version of Snort is the result of more than seven years of development and hard work from our team. After many years of success, it is time for Snort to evolve by incorporating lessons we had learned over the many years of the software’s existence and make it even more effective,” Snort developers wrote in a blog post.
Related: Double-Down on Security Intrusions with Snort Plus IPS
Related: Adobe Open Sources Tool for Sanitizing Logs, Detecting Exposed Credentials
Related: OpenSSF Launches Open Source Tool for Evaluating SAST Products
Related: FireEye Releases New Open Source Tool in Response to SolarWinds Hack