RSA Admin

IDS and VAM correlation rule

Discussion created by RSA Admin Employee on Nov 12, 2010
Latest reply on Nov 28, 2011 by RSA Admin

Does anyone have an example of a correlation rule that 1. An IDS alert fires with an attack against a certain Microsoft patch MSxx-xxx. 2. Cross references the VAM data to see if the asset is vulnerable to the IDS attack

or any other IDS and VAM correlation

Outcomes