Company Continues to Deliver Zero-Day Protection Against Major Threats

Wokingham, UK, 29th January 2009 - Open source innovator and SNORT creator, Sourcefire, Inc. Nasdaq:FIRE , a leader in Enterprise Threat Management, today announced that its customers and Snort users have had zero-day protection from the rapidly spreading W32.Downadup Conficker worm.

With reportedly more than 10 million systems currently infected, Conficker is on track to become one of the most widespread worms in history. The combination of Sourcefire s MS06-040 rules, released in 2006, its MS08-067 rules, released on October 23, 2008, and the company s generic shellcode detection rules delivered multiple layers of protection against Conficker, even before it was released in late November 2008.

The Sourcefire Vulnerability Research Team VRT leads the industry in providing same-day coverage for Microsoft Tuesday vulnerabilities, providing customers and Snort users with the confidence that their systems are protected. For more information about the Conficker worm and Sourcefire s protection, please visit the following VRT Blog posting: http: vrt-sourcefire.blogspot.com 2008 12 ms08-067-in-wild.html .

Due to the speed with which the Conficker worm spread, anyone who waited for it to be discovered was probably too late, said Matt Watchinski, Senior Director of the Sourcefire Vulnerability Research Team. This outbreak illustrates the need for organizations to take a proactive stance against security threats, not just protecting against known vulnerabilities and threats, but implementing solutions that can protect against even unknown threats. The Sourcefire Vulnerability Research Team works closely with our customers and the open source community to help ensure that they are safe from these types of attacks.