11-14-2012 12:49 PM - edited 03-10-2019 05:49 AM
How do i go about checking to see if our IDS can detect "low and slow" data exfiltration?
11-15-2012 01:37 PM
Not easy to grt that directly from IPS. Send alert logs to Splunk and create Splunk query to detect low volume attacks.Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
