Security / Threat Intel Question


1 comment

  • Avatar

    If you have a unit, you can actually go inside and look.  

    IDS (and a little bit of IPS) is Bro/Zeek, and IPS is our own homegrown 

    No SSL decryption.

    We use a combination of static and dynamically generated lists, mostly paid (licensed), and we are starting to use some of the public lists. 

    Comment actions Permalink

Please sign in to leave a comment.