Signatures should become cloud security history

2024-07-18 03:00

It's becoming evident that the legacy practice of signature-based threat detection needs to be improved for cloud security challenges.

In this Help Net Security video, Jimmy Mesta, CTO at RAD Security, discusses a new proposed standard for creating behavioral fingerprints of open-source image behavior at runtime.

Stateless alerts: Signatures create stateless alerts.

You could be alerted for each successful spawn of a shell in a container.

Detect novel attacks: By definition, a signature is written for a known attack, so in the case of a novel attack, the delay for a signature can be days at best or weeks in some cases.

Even with the signature, you might be covering only some of the exploit paths or pinpointing the context in which a zero-day can be exploited, so its usefulness is limited until the attack and all its exploits are fully understood and signatures are created to match.

News URL

https://www.helpnetsecurity.com/2024/07/18/signature-based-threat-detection-video/

#cloud #cloudsecurity #security

News URL

Related news