Which term describes security that uses signature files to identify malware?

Security that uses signature files to identify malware relies on a database of known malware fingerprints that the software compares against files and processes on a device. This approach is a hallmark of traditional endpoint security, which historically depended on signature-based detection to quickly and accurately flag known threats. While anti-malware software is the broader category that includes signature-based detection, it can also encompass newer techniques such as behavioral analysis. The term “signature files” describes the repository used, but doesn’t by itself define the overall security approach. Detection is too generic a label. So the best fit is traditional endpoint security, capturing the classic model that relies on matching against known signatures. In modern setups, these systems are often augmented with heuristics and behavioral analysis to cover unknown threats, but the signature-based method remains a defining feature of traditional endpoint security.