1 Reply Latest reply on Feb 11, 2015 7:59 AM by fitchsoccer342

    Threat Severity Levels

    belaleid

      Hi all,

       

      Can anyone please show me the difference between the severity threats?

      Critical

      Warning

      Informational

      Emergency

      Notice

      Alert

        • 1. Re: Threat Severity Levels
          fitchsoccer342

          This is probably going to confuse you a bit, but there are different threat severities for HIPS & VSE, and how they are mapped for querying purposes. I've never seen anything really published by McAfee outlining the threat mapping, but if you look in the DB at two different sprocs, it defines them.

           

          stored procedures:

          dbo.VSE_InsertGenericEvent

          dbo.HIP8SP_InsertIPSEvent

           

          Threat mapping:

          HIPS:               Common:

          High (4)          = Critical (2)

          Medium (3)        = Warning (4)

          Low (2)           = Notice (5)

          Information (1)   = Information (6)

           

          VSE:                Common:

          Critical (4)      = Critical (2)

          Major (3)         = Alert (1)

          Minor (2)         = Notice (5)

          Warning (1)       = Warning (4)

          Informational (0) = Information (6)
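
Added example, not part of the original thread and not McAfee code: the two mappings from the reply above encoded in Python, with a check for where a product's native ordering and the common ordering disagree, which matters when a query filters on the common value. The function names and sample events are hypothetical, and it assumes a higher native number and a lower common number both mean "more severe", the direction the HIPS table follows.

```python
# Mappings transcribed from the reply above: native name -> (native value, common value).
HIPS = {"High": (4, 2), "Medium": (3, 4), "Low": (2, 5), "Information": (1, 6)}
VSE = {"Critical": (4, 2), "Major": (3, 1), "Minor": (2, 5),
       "Warning": (1, 4), "Informational": (0, 6)}
MAPPINGS = {"HIPS": HIPS, "VSE": VSE}

# Assumption: higher native value and lower common value both mean "more severe",
# which is the direction the HIPS table follows.

def to_common(product, native_value):
    """Translate a product-native severity number to the common severity number."""
    for native, common in MAPPINGS[product].values():
        if native == native_value:
            return common
    raise ValueError(f"unknown {product} severity {native_value}")

def inversions(product):
    """Return pairs (a, b) where a outranks b natively but b outranks a in common."""
    items = sorted(MAPPINGS[product].items(), key=lambda kv: -kv[1][0])
    found = []
    for i, (name_a, (_, com_a)) in enumerate(items):
        for name_b, (_, com_b) in items[i + 1:]:
            if com_b < com_a:
                found.append((name_a, name_b))
    return found

def at_least(events, common_threshold):
    """Keep events at or above the common threshold (numerically <= it)."""
    return [e for e in events
            if to_common(e["product"], e["native"]) <= common_threshold]

# Constructed sample events (not real data).
EVENTS = [
    {"id": 1, "product": "HIPS", "native": 3},
    {"id": 2, "product": "VSE", "native": 3},
    {"id": 3, "product": "VSE", "native": 1},
    {"id": 4, "product": "VSE", "native": 2},
]

if __name__ == "__main__":
    for product in MAPPINGS:
        print(product, "inversions:", inversions(product))
    print("common <= 4:", [e["id"] for e in at_least(EVENTS, 4)])
```

With these tables, a filter on the common value keeps a VSE Warning (native 1) while dropping a VSE Minor (native 2), so thresholds written against the native scale do not carry over unchanged.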