2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and BadRabbit to impact organizations throughout the world. In this post we review some of the most frequently triggered Snort rules as reported by Cisco Meraki systems and included in the Snort default policy set. The most commonly reported class type of activity detected is Trojan-activity followed by Policy-violation and Misc-activity.”]
Source: https://blog.talosintelligence.com/2018/01/2017-in-snort-signatures.html