ipsSignature - Cloud Security Gov

{"type":"model","meta":{"id":"/apps/pubhub/media/cloud-security-gov/9ead083ce611c254ac9201d1e76003bd3d4b4b6b/5a7c6e45-6e48-3ded-9e12-6072294c5775","info":{"title":"Cisco Secure Access for Government IPS Profiles API","version":"1.0.0","description":"Get the Intrusion Prevention System (IPS) profiles and IPS signatures in the Secure Access organization.","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"IPS Profiles","description":"The IPS profiles with signatures."},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/policies/ips-profiles-overview.md","uri":"secure-access-api-reference-ips-profiles-overview"}},"openapi":"3.0.1","servers":[{"url":"https://api.secureaccessfed.cisco.com/{basePath}","variables":{"basePath":{"default":"policies/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"tokenUrl":"https://api.secureaccessfed.cisco.com/auth/v2/token","scopes":{"policies.ipsconfig:read":"Read Intrusion Prevention System profiles","policies.ipsconfig:write":"Write Intrusion Prevention System profiles"}}}}}},"spec":{"type":"object","description":"The properties of the IPS signature.","properties":{"id":{"type":"string","description":"The ID of the signature.","example":"e9279afc-3b0e-5b78-a2a3-ab9418fad29c"},"gid":{"type":"integer","description":"The generator ID (GID) component of the signature. The SID is used to identify the component in the IPS that generated the alert.","example":1},"sid":{"type":"integer","description":"The Cisco Snort or signature ID (SID) component of the signature.","example":976},"name":{"type":"string","description":"The name of the IPS signature.","example":"MALWARE-BACKDOOR fearless lite 1.01 runtime detection"},"cve":{"type":"array","description":"The list of the CVE values associated with the IPS signature.","example":["2017-11841","2017-11873"],"items":{"type":"string","description":"The CVE associated with the IPS signature.","example":"2017-11841"}},"description":{"type":"string","description":"The description of the IPS signature.","example":"alert ( gid:1; sid:976; rev:1; msg:\"(smtp) file decompression failed\"; )"},"currentAction":{"type":"string","nullable":true,"description":"When the `overridesOnly` filter is `true`, the system returns a non-null value.","example":"block"},"originalAction":{"type":"string","nullable":true,"description":"When the `overridesOnly` filter is `true`, the system returns a non-null value.","example":"warn"}},"example":{"id":"e9279afc-3b0e-5b78-a2a3-ab9418fad29c","gid":1,"sid":7091,"name":"MALWARE-BACKDOOR serveme runtime detection","cve":[],"description":"alert tcp $HOME_NET 5555 -\u003e $EXTERNAL_NET any ( msg:\\\"MALWARE-BACKDOOR serveme runtime detection\\\"; flow:to_client,established; content:\\\"ServeMe 1.x\\\",depth 11,nocase; metadata:policy balanced-ips drop,policy connectivity-ips drop,policy security-ips drop; reference:url,www.megasecurity.org/trojans/s/serveme/Serveme.html; reference:url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453081036; classtype:trojan-activity; sid:7091; rev:6; )","currentAction":"block","originalAction":"block"},"$$ref":"#/components/schemas/ipsSignature","title":"ipsSignature"}}