In my environment our snort sensors we are using the alerts from http://www.bleedingthreats.net/ in addition to the standard VRT rules. Has anyone developed any message parsers for any of these alerts, and willing to share them? Considering the rule volume any help would be appreciated.
If anyone would like to request support or improved enVision support for SNORT Bleeding please use
http://www.rsa.com/go/partners/suggest_new.asp
Many thanks