Despite the rapid development of technology, most of the attacks are detected by the signature method, and the accuracy of all methods built on the basis of signature analysis depends on how well the signatures are written.
To develop signatures, you need high competence and understanding of how an intruder works. Such competences are available to employees of the «Pentestit» security analysis department. Attack signatures are signs that are inherent in exploiting a vulnerability or identifying a potential attack vector.
Signature analysis reveals:
- attempts to exploit vulnerabilities in “manual mode” using attack attributes;
- active scanning of the web application with various tools and utilities;
- attempts to exploit known vulnerabilities;
- common WAF bypass methods.
Despite the high speed of operation, any signature analysis is significantly inferior to machine learning in terms of the accuracy of detecting attacks, and also generates a larger number of false positives compared to machine learning. To solve these problems, we developed the Nemesida AI module.