Zscaler, Inc.
Signature Pattern Matching testing framework

Abstract:

Systems and methods for testing Signature Pattern Matching (SPM) for a new signature associated with a cloud-based security system with a plurality of nodes and a testing node include operating the testing node with a same management software and SPM library as the plurality of nodes; obtaining a new signature derived to detect malicious content; compiling the new signature in the SPM library for the testing node; implementing one or more test cases related to the malicious content to analyze behavior of the testing node with the SPM library containing the new signature; and, responsive to success in the one or more test cases, providing the SPM library to the plurality of nodes for detection of the malicious content.