
Investigate an IDS alert

We have received an IDS alert in our firewall and would like to know which fields we should check that may help our investigation and speed up the mitigation of a security incident. If the severity is critical with medium confidence, is it possible that the attack is not really effective in trying to invade our environment?

1 Reply
Employee++

More information from the log card is needed; context is also key, i.e. what the protected machine is, etc.
