Is there any documentation on the IDS signatures that the R7 network sensors produce?
Hi @antmar904
We just have this resource which focuses on extra detections you get with enhanced network traffic analysis
The IDS component of the sensor mainly focuses on network based Malware detection. ET-Malware is the primary rule category which is available to all sensors. We supplement that with detections which look at TLS and DNS metadata.
Darragh