Security News > 2024 > July > Signatures should become cloud security history
It's becoming evident that the legacy practice of signature-based threat detection needs to be improved for cloud security challenges.
In this Help Net Security video, Jimmy Mesta, CTO at RAD Security, discusses a new proposed standard for creating behavioral fingerprints of open-source image behavior at runtime.
Stateless alerts: Signatures create stateless alerts.
You could be alerted for each successful spawn of a shell in a container.
Detect novel attacks: By definition, a signature is written for a known attack, so in the case of a novel attack, the delay for a signature can be days at best or weeks in some cases.
Even with the signature, you might be covering only some of the exploit paths or pinpointing the context in which a zero-day can be exploited, so its usefulness is limited until the attack and all its exploits are fully understood and signatures are created to match.
News URL
https://www.helpnetsecurity.com/2024/07/18/signature-based-threat-detection-video/
Related news
- Whitepaper: Reach higher in your career with cloud security (source)
- Transforming cloud security with real-time visibility (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- Microsoft lost some customers’ cloud security logs (source)
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)