SnortML Rules
Enable the snort_ml
inspector rule to generate events and, in an inline deployment, drop offending packets. The snort_ml
inspector rule is only enabled by default under the Maximum Detection NAP policy.
GID:SID |
Rule Message |
---|---|
411:1 |
(snort_ml) potential threat found in HTTP parameters via Neural Network Based Exploit Detection. |