padawan_jedi
Explorer

Investigate an IDS alert

We have received an IDS alert in our firewall and would like to know which fields we should check that may help our investigation and speed up the mitigation for a security incident. If the severity is critical with medium confidence, is it possible that the attack is not really effective in trying to invade our environment?

0 Kudos
1 Reply
Chris_Atkinson
Employee

More information from the log card is needed; context is also key, i.e. what the protected machine is, etc.

0 Kudos