Description

Detects a potential vulnerability scanner by detecting devices that have triggered a large number of unique events. Vulnerability scanners generally trigger a high number unique events when scanning a host since each vulnerability check tends to trigger a unique event.