My company is monitoring some HIPS agents for a client and the logs are not very descriptive in some cases. I've come across some good resources for general signatures but I can't find anything for specific threats (I don't have access to a console to look them up that way). For example, when a HIP or NIP client event triggers (18000 or 18001), there is also a 'threat ID' in the log. Is there a site or resource somewhere that I can use to look up what these specific threats are?
I've found the following lists but these just list the event ID and not the unique threat ID:
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.