Signature severity helps security teams prioritize incidents.

A higher score indicates an increased risk associated with the intrusion event.

NSX IDS Severity Level Classification Type-Rating Classification Types
  • Attempted User Privilege Gain
  • Unsuccessful User Privilege Gain
  • Successful User Privilege Gain
  • Attempted administrator Privilege Gain
  • Successful Administrator Privilege Gain
  • Executable Code was Detected
  • A Network Trojan was Detected
  • Web Application Attack
  • Inappropriate Content was Detected
  • Potential Corporate Privacy Violation
  • Targeted Malicious Activity was Detected
  • Exploit Kit Activity Detected
  • Domain Observed Used for C2 Detected
  • Successful Credential Theft Detected
  • Emerging Threat alert from SpiderLabs Research
  • RedAlert from SpiderLabs Research
High 2
  • Potentially Bad Traffic
  • Information Leak
  • Large Scale Information Leak
  • Attempted Denial of Service
  • Decode of an RPC Query
  • Suspicious Filename Detected
  • Attempted Login Using a Suspicious Username
  • System Call Detected
  • Client Using an Unusual Port
  • Detection of a Denial of Service Attack
  • Detection of a Non-Standard Protocol or Event
  • Access to a Potential Vulnerable Web Application Attack
  • Attempt to Log in By a Default Username and Password
  • Device Retrieving External IP Address Detected
  • Possibly Unwanted Program Detected
  • Possible Social Engineering Attempted
  • Crypto Currency Mining Activity Detected
Medium 3
  • Not Suspicious Traffic
  • Unknown Traffic
  • Suspicious String was Detected
  • Detection of a Network Scan
  • Generic Protocol Command Decode
  • Misc Activity
  • Generic ICMP event
Low 4-9
  • TCP Connection Detected
  • Non-specific Potential Attack
  • Attempt to Exploit Client-side Web Application Vulnerability
  • Non-specific Potential Web App Attack
  • Traffic Which is Likely a Bad Idea or Misconfiguration
  • Attempt to Exploit Administrative-level Vulnerability
  • Attempt to Exploit user-level Vulnerability
  • IP Based Alert From SpiderLabs Research
  • Successful Exploitation of a Root-level Vulnerability
  • Indication of an Active Backdoor Channel
  • Worm Propagation
  • Specific Virus Detected