Threat campaign update

Question

What's the recommended way of updating threat campaign signatures? Auto or manual?&nbsp;
If it's set to auto, does new signatures from TC goes into staging or blocking immediately?&nbsp;

daniel_wolf · Answer

Hi&nbsp;spalande,&nbsp;
my recommended way is auto updates and blocking immediatley.TC are not as generic as attack signatures, they are signatures aiming to protect against a specific attack. For the reason that they are tailored to protect against a specific attack and not a "band aid" for a generic vulnerability, I don't expect false positives (and I never experienced a false positive). Also I want to have always the latest - my sleep schedule doesn't foresee waking up at 3 AM to manually patch against Log4Shell 🙂
KRDaniel

Forum Discussion

Threat campaign update

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Threat Campaigns

Upcoming Threats, Giving Tuesday, Roundup

Pegasus, Salt Typhoon, Turla Covert Campaign, Windows 11 TPM2.0, and Chrome's 'Store Review'

Threat Campaigns Targeting Oracle WebLogic Servers (CVE-2020-14882)

Enriching AFM with public domain Threat Intelligence

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS