30th March 2016 By Gunter Ollmann
Why security teams that rely solely on signature-based detection are overwhelmed by a high number of alerts.
First in a series of two articles about the history of signature-based detections, and how the methodology has evolved to identify different types of cybersecurity threats.
Used in the context of an outdated and manually intensive technology focused on older classes of threats, there’s little wonder why vendors would seek to distance the legacy term “signature” from their advanced detection technology. Vendors haven’t necessarily been deceptive in the labeling of their latest generation of techniques; it’s often just easier to create a new label for something than to fully explain the context and evolution of what preceded it.
Over the years, signature-based systems have changed and advanced, but the core concepts still lie at the heart of all modern detection systems – and will continue to be integral for the foreseeable future. To understand what a “signature system” is in reality, we need to understand the evolution of the detection path as directed and discovered by human intervention.
Full Article
Very interesting article...but very releavnt as we see more and more 'machine learningf' or machine based AI come to the fore...I am in fact testing one of these new breed of application and I have to say I am impressed...but even with this...there is not a 100% cast iron guarantee that they will always get the 'nasties'.
Well the way things are heading Baldrick I think it has to go that way with the nasties getting more and more complex.
But what happens as and when machine learning or AI gets into the malware domain...that does not bear thinking on to much, eh?
Hi ,
when upload a file for webroot , webroot Cloud & ML can Automatically analyze it ?
Regards ,
Amir
when upload a file for webroot , webroot Cloud & ML can Automatically analyze it ?
Regards ,
Amir
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.