Glossary

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | _1234567890

signature

A rule that defines how to identify an intrusion. Symantec’s Intrusion Prevention System identifies known attacks by pattern-matching against rules or ‘signatures’ stored in the Symantec IPS Library or a custom library. See also signature library, System Library.

1. A state or pattern of activity that indicates a violation of policy, a vulnerable state, or an activity that may relate to an intrusion. 2. Logic in a product that detects a violation of policy, a vulnerable state, or an activity that may relate to an intrusion. This can also be referred to as a signature definition, an expression, a rule, a trigger, or signature logic. 3. Information about a signature including attributes and descriptive text. This is more precisely referred to as signature data.

Signatures are unique identifiers for sub-events extracted from analyzed device logs.