With Internet use forming an ever-greater part of day-to-day life, malicious software (often referred to as “malware”) and other security exploits that steal or destroy system resources, data, and private information are an increasing problem. Governments, businesses and individuals may devote significant resources to preventing intrusions, damage and thefts related to these security exploits. Security exploits come in many forms, such as computer viruses, worms, trojan horses, spyware, keystroke loggers, adware and rootkits. Such security exploits can be delivered in or through a variety of mechanisms, such as phishing emails, malicious clickable links, infected documents, infected executables, or infected archives.
Tools for addressing these threats may apply conditional logic, testing whether some aspect of a system component, such as a process or file, matches one of more criteria. Based on meeting the criteria, the tools may take some action or actions. Modifications to the criteria, which may alter the system components that are identified, may be cumbersome. For instance, such modifications may require changes to the source code of the tools and recompiling of the tools.