1 of 1 people found this helpful
This is a good one:
Run the query and dump all the signatures in your DB. You'll have to run it everytime a HIPS Content Update is released to get the most up to date changes.
I think this sums it up. Thank you gents
KB65559 applies to ePO 5.x as well. Updating that KB to include ePO 5.x.
KB65559 - List of the McAfee Host Intrusion Prevention 7.0 / 8.0 events supported by ePO 4.x
- HIPS Event ID severity does not equal HIPS Signature severity.
- HIPS Signature severities are found within the IPS Rules policy, or exported per KB55119.