Hi,
I have a case that a potential positive injection using API related coding was passing through our IPS, and no intrusion event was seen on Intrusion event. I check the documentation and found out that snort combines signature, protocol and anoma...