Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1533
Views
0
Helpful
1
Replies

Security Intelligence Events

slymer1965
Level 1
Level 1

‎04-05-2016 09:24 AM

Is there any way to drill into a Security Intelligence Event in Sourcefire? I am seeing numerous outbound CnC events coming from a host but cannot see what application, service, etc. is causing the triggered event.

Thanks!!

Scot Lymer

Labels:
0 Helpful
1 Reply 1

Dennis Perto
Level 5
Level 5

‎04-06-2016 11:10 PM

Hi

Unfortunately there is no way of doing that.

Security Intelligence is the same as Blacklists. It stops the traffic before it knows what Application/Protocol that is used.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card