Glossary

The glossary below contains many of the terms you will find in common use throughout the Symantec Security Response website. Please refer to this list to find definitions of terms and answers to other Internet security-related questions.

signature

A rule that defines how to identify an intrusion. Symantec’s Intrusion Prevention System identifies known attacks by pattern-matching against rules or ‘signatures’ stored in the Symantec IPS Library or a custom library. See also signature library, System Library.

1. A state or pattern of activity that indicates a violation of policy, a vulnerable state, or an activity that may relate to an intrusion. 2. Logic in a product that detects a violation of policy, a vulnerable state, or an activity that may relate to an intrusion. This can also be referred to as a signature definition, an expression, a rule, a trigger, or signature logic. 3. Information about a signature including attributes and descriptive text. This is more precisely referred to as signature data.

Signatures are unique identifiers for sub-events extracted from analyzed device logs.