Signature update S862 that included Signature ID 6043 Microsoft.HTTP.Sys Remote Code Execution was just released. We are seeing a large amount of alerts on this signature with the alerts coming from machines on our network with the traffic  heading o...

I am seeing what I believe is false positives on Sig 4689/1 outbound from our network. When I look at the traffic capture from events it does not seem to match inbound traffic events that fire on the same signature. The inbound traffic looks very muc...

In the past week or so I have been unable to view historical events in the event monitoring tab of the IME for times when I was not logged on to the IME interface. I am able to manaully generate the event log from the sensor monitoring area and it do...