IPS Alerts - How to spot an attacker with anomaly detection analytics? | opexxx | Scoop.it
we were able to analyze IPS alerts to find IP addresses attempting multiple attacks and peer-to-peer activity related to attempts to read passwords in real-time

Via cysap