The most recent content from our members.
Hello, what would be the best way to go about switching off communication with a malicious/compromised/blocked IP that is fed from the Threat Intelligence Feed or manually inserted into UDG from Emerging Threats rulesets at Index of /blockrules? I tried to correlate WebTrafficAudit event (OR) Network Audit event group with…
Federal IT professionals spend much time and money implementing sophisticated threat management software to thwart potential attackers, but they often forget that one of the simplest methods hackers use to access sensitive information is through social media. The world’s best cybersecurity tools won’t help if IT managers…
We have a rule set up to use the TIF thusly: We're getting alerts from Bad Folks trying to hit our outside IP, but that's happening all the time -- a good portion of the reason one doesn't put an IPS outside of the firewall. Does anyone have any good Use Case examples for the TIF? We're looking at crafting a rule that…