Security News > 2024 > July > Signatures should become cloud security history
It's becoming evident that the legacy practice of signature-based threat detection needs to be improved for cloud security challenges.
In this Help Net Security video, Jimmy Mesta, CTO at RAD Security, discusses a new proposed standard for creating behavioral fingerprints of open-source image behavior at runtime.
Stateless alerts: Signatures create stateless alerts.
You could be alerted for each successful spawn of a shell in a container.
Detect novel attacks: By definition, a signature is written for a known attack, so in the case of a novel attack, the delay for a signature can be days at best or weeks in some cases.
Even with the signature, you might be covering only some of the exploit paths or pinpointing the context in which a zero-day can be exploited, so its usefulness is limited until the attack and all its exploits are fully understood and signatures are created to match.
News URL
https://www.helpnetsecurity.com/2024/07/18/signature-based-threat-detection-video/
Related news
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- AWS unveils cloud security IR service for a mere $7K a month (source)
- Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security? (source)
- Best CSPM Tools 2024: Top Cloud Security Solutions Compared (source)
- CrowdStrike vs Wiz: Which Offers Better Cloud Security and Value? (source)
- CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01 (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)