[Emerging-Sigs] Detailed change-logs

Guilherme Afonso Galindo Padilha gagp at cin.ufpe.br
Thu Apr 16 18:06:19 HDT 2020


Hello everyone,

This is a continuation of last month's thread, but since it was quite a
while ago, I thought it'd be better to start a new one. Last month you
informed me that:

"The most common reason for modifications (of rules) is that we simply
learned something new about the traffic after we published it. Negating
things that cause false positives, tightening or loosening detection logic
based on time and observed traffic for the particular rule."

Could you also inform me if those modifications are most commonly made by
adding more options to the rules, modifying the current ones or actually
removing some?

Thanks,
Guilherme
-- 
Guilherme Afonso Galindo Padilha
Bachelor's degree in Computer Science - Undergraduate (2016.2)
CIn - UFPE