I've been using utilities...
for years now; that assume the local machine is infected. I don't know what "cloud" providers do. Kernel based solutions that resist manipulation on the lowest level, are the norm. My HIPS don't need any updates for signatures - just white lists, for accepted behavior/files/software.
Keep Up with TechRepublic