Active Threat Response: Russian Experts Develop 610 New Signatures for IDPS

In July 2025, specialists from the Russian cybersecurity company 'Security Code' developed 610 new signatures for intrusion detection and prevention systems (IDPS). Among them, 87 signatures were classified as highly critical, signaling serious threats that require rapid response from security professionals. The signatures are designed to protect against attacks exploiting 72 known vulnerabilities listed in the Common Vulnerabilities and Exposures (CVE) database.

Reducing the Risk of Malicious Impact
Security Code also highlighted classes of malware and malicious activity that users frequently encounter online. These include remote access trojans (RATs), infostealers, post-attack data exfiltration via stealers or RATs, malware downloaders, backdoors, and botnets.
This substantial update to threat detection tools on the domestic IT market is important for safeguarding critical infrastructure and corporate systems. For everyday users, it means a higher level of cybersecurity and reduced risks of data leaks, fraud, and other harmful consequences.
For Russia as a whole, the development strengthens national cyber resilience, reduces dependence on foreign technologies, and supports import substitution efforts. Globally, this contributes to collective cybersecurity by enabling potential information sharing on detected threats.

Product Development Momentum
If Security Code makes its detection mechanisms available for export, integration with international cybersecurity solutions may follow. Currently, however, the emphasis remains on the domestic market, prioritizing homegrown protection tools.
For Russia’s internal audience, the development boosts protection for government agencies, critical infrastructure operators, and financial institutions. It also highlights the possibility of further updates for the company’s Next-Generation Firewall (NGFW) 'Continent 4' and related products.
Future prospects include refining rapid-response methodologies for new CVEs and strengthening the company’s position as a leader in Russia’s cybersecurity sector. The addition of 566 signatures in June already underscored the product’s dynamic development trajectory.

Regular Signature Updates
Here is a brief overview of similar Security Code activities in recent years:
• June 2024: 1,860 new malware detection signatures, 1,020 rated highly critical. Of these, 33% targeted spyware, 26% malware downloaders, 10% worms, and 6% backdoors. About 5% each were designed to detect exploits, web attacks, and other threats.
• July 2024: 640 new IDS/IPS signatures, 147 highly critical, defending against 24 critical vulnerabilities.
• January 2025: 709 signatures added to 'Continent 4' NGFW, 49 highly critical.
• March 2025: 700 new signatures for 'Continent 4,' 120 highly critical, 43% aimed at industrial control systems.
• June 2025: 566 signatures added, 130 highly critical. Most (44%) focused on detecting spyware.
These updates highlight the company’s ability to maintain rapid, large-scale improvements to its signature base, demonstrating active adaptation to new threats.

Expanding Portfolio and Export Potential
Security Code continues to expand its IDPS and NGFW product capabilities by regularly adding hundreds of signatures. The growing share of highly critical signatures (87 of the latest 610) reflects heightened attention to priority threats.
Experts predict continued growth in signature volumes, including critical ones. Looking ahead, closer integration with 'Continent 4' products and expansion into areas such as zero-trust networking (ZTN) and vGate are likely.
International export opportunities and collaboration are also under consideration, should business strategies shift toward external markets. Participation in industry initiatives could further solidify Security Code’s role as a leading developer of cybersecurity solutions.