Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Detection and mitigation of specific Intrusion Prevention System (IPS) rule in Cloud One Workload Security

    • Updated:
    • 11 Aug 2020
    • Product/Version:
    • Cloud One - Workload Security All
    • Platform:
Summary

Know why a specific IPS rule is detected and what should be done to mitigate the issue accordingly?

Details
Public

Follow these steps:

  1. Understand the rule.
    1. Open the event details page by double clicking the event.
    2. Click the link in Reason section to open the rule details page.

    3. Read the Description to understand the rule.

  2. Find the mitigation method.
    1. Switch to Vulnerability tab and access external link under External References. Usually, the links are pointing to a Mitre CVE page or the vulnerable application's official website.

    2. Find the mitigation method from the Mitre CVE page or the vulnerable application's official website. For example, in Mitre CVE-2014-3566, you can find solution links for different third party applications under "References to Advisories, Solutions, and Tools" section.
  3. Mitigate the issue

    Implement the solution on the affected machine(s). Usually the methods are upgrading/patching the OS/application or changing certain OS/application configuration. 

Premium
Internal
Partner
Rating:
Category:
Troubleshoot
Solution Id:
000259329
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.