The Post-Signature World

An article in Dark Reading discusses attacks that can’t be found with signatures. This is nothing new—we’ve had zero-days for some time—but as attackers use techniques like sophisticated malware for targeted attacks, it’s harder and harder for signatures to keep up. Signature-based technologies are still important, but “‘Behavioral analysis is a really critical piece in detecting that last ‘X’ percent,” says Michael Sutton, vice president of security research for Zscaler.”

Takeaway: Don’t abandon signature-based techniques, but consider technologies such as web application firewalls with positive security models that profile application behavior and anomaly detection of Netflow data for a complete security posture.