I'm looking for some good places to get more details on writing more complex HIPS signatures. I've read over some course material that was provided by McAfee and couldn't find anything useful. I was hoping that some of you guys/gals might have come across some good resources. The standard rule Wizard isn't going to cut it.
Looks like the Host Intrusion Prevention 8.0 for ePO 4.5 Product Guide Appendix A is a pretty good resource.
Message was edited by: mrwh1t3 on 8/6/12 2:06:06 AM CDT