Forum Discussion

Sanjay_Palande's avatar
Nov 02, 2022

Threat campaign update

What's the recommended way of updating threat campaign signatures? Auto or manual? 

If it's set to auto, does new signatures from TC goes into staging or blocking immediately? 

1 Reply

  • Hi Sanjay_Palande

    my recommended way is auto updates and blocking immediatley.
    TC are not as generic as attack signatures, they are signatures aiming to protect against a specific attack. For the reason that they are tailored to protect against a specific attack and not a "band aid" for a generic vulnerability, I don't expect false positives (and I never experienced a false positive). Also I want to have always the latest - my sleep schedule doesn't foresee waking up at 3 AM to manually patch against Log4Shell 🙂

    KR
    Daniel