Web threats ..a new wave! – by Hemanshu
I have never been a fan of signature matching solutions, they are dumb and reactive and would always do more false positive than a DPI based solution. Robert Graham does a nice analysis here .
The need of the hour is to develop more heuristic and context aware engines. Solving this problem at the network is gonna be a challenge , instead of perimeter; proxy could be a more suitable carrier (as latency is only to the web requests, in case of IPS the latency is added to the whole network). but nothing could do it faster than a end point solution (And please I am not talking the stupid Anti Virus!)