The present invention relates generally to the field of computers, and more particularly to software vulnerabilities.
Hackers are constantly on the lookout for vulnerabilities in software that they can exploit. Exploiting a vulnerability typically involves a series of actions. If the machine is installed with a network intrusion prevention software (IPS) or Security Information and Event Management software (SIEM) and if the vulnerability pattern is known to it, IPS/SIEM would detect the attempt to exploit the vulnerability and take an appropriate action to counter the attack. As part of this counter measure, IPS/SIEM typically also logs the relevant packet/event information so that it can subsequently be used for analysis to trace the attack.