What mechanism uses signatures to detect known threats?

The correct mechanism that uses signatures to detect known threats is an Intrusion Detection System (IDS). An IDS monitors network traffic and system activities for malicious behavior and policies, leveraging a database of known attack signatures to identify potential threats. When a match is found between the traffic or behavior and a signature, the IDS can alert security personnel about the potential incident. This method of detection is particularly effective for recognizing established vulnerabilities and previously documented attacks.

Firewalls primarily focus on blocking unauthorized access and filtering traffic based on predetermined security rules rather than detecting threats using signatures, making them less suited for this specific purpose. Threat intelligence platforms aggregate and analyze threat data but do not inherently utilize signatures in the way that IDS do. Data loss prevention software is designed to prevent sensitive information from leaving an organization and typically operates through rules regarding data handling rather than directly detecting threats using signature-based mechanisms.