Each psad release usually includes an updated signature set bundled within the psad tar archive or RPM file as the "signatures" file. Signature development is an ongoing process, however, and in some cases a new signature is developed for psad well before the next release is available.
In order for people to make use of the signature as quickly as possible, the latest signature set is published at http://www.cipherdyne.org/psad/signatures. With the psad
--sig-update command-line argument, psad downloads and places this file in the filesystem at /etc/psad/signatures, as shown in the following output:
psad --sig-update[+] Archiving original /etc/psad/signatures -> signatures.old1 [+] Downloading latest signatures ...