The company's Firepower network security appliances were based on Snort, an open-source intrusion detection system (IDS).

AMP enables malware detection and blocking while provisioning continuous analysis and retrospective alerting, using Sourcefire's cloud security intelligence[clarification needed].

Advanced Malware Protection can be deployed inline via a product key on NGIPS, dedicated AMP Firepower appliance or on endpoints, virtual and mobile devices with FireAMP.

[16] Snort is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines signature, protocol and anomaly based inspection methods.

It provides a number of utilities including a multi-threaded daemon, a command-line interface scanner and tool for automatic database updates.

[20] Members of the Sourcefire VRT include the ClamAV team as well as authors of several standard security reference books[21][22][23] and articles.

The group focuses on developing vulnerability-based rules to protect against emerging exploits for Sourcefire customers and Snort users.