Is Antivirus Becoming Obsolete?

By Ken Presti
October 03, 2012 7:32 PM ET

Page 1 of 3

If you pick the average person off the street and ask them about information security, most of them will likely associate the term with the antivirus software on their computers. Most "civilians" are unfamiliar with terms such as "HIPS," "IDS," "IPS" and the vast assortment of other security products commonly in use. Those sorts of things operate behind the scenes. But, AV packages are widely deployed and are often offered free of charge when you buy a new computer -- at least for the first 30 days.

But, as the malware war continues to escalate, it is reasonable to question the level of effectiveness that antivirus software, as a category, brings to the table.

"When last I looked, there were 78,500,000 unique instances of malware, according to AV-Test.org," said Paul Henry, security and forensic analyst at Lumension, a Scottsdale, Ariz.-based endpoint security company. "How in the world is anyone going to keep up with the signatures to inspect that large of a database?"

According to a survey released by FireEye, a Milpitas, Calif.-based company that specializes in defense against advanced targeted threats, malware that can slip through signature-based detection has nearly quadrupled in the past year alone.

"The problem with signature-based defenses is a scaling issue," explained Ali Mesdaq, security researcher at FireEye. "There are so many new exploits coming out every day that the signature databases can't scale to that level. Some sort of technology development will be needed before they will be able to handle the rapid increase in volume."

Meanwhile, a separate survey, conducted by Carbon Black, a Sterling, Va.-based vendor that focuses on security-related data collection, suggests that in most cases, just about any bug will be able to be detected by at least one of 43 antivirus packages on the market today. The bad news is that an effective matchup between the specific bug and the specific AV package on your customers' systems is nearly coincidental.

The Carbon Black team then tested how long it would take for the individual AV packages to catch up with the ones they had missed. "The results were a big surprise to us," said CEO Mike Viscuso. "What we found was that if an antivirus package did not detect the virus within the first week, it probably never would."

NEXT: Is White Listing A Better Strategy?

1 | 2 | 3 | Next >>

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	Head-To-Head: Symantec Vs. McAfee In Endpoint Protection McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.
	The 8 Steps Behind The Massive $45M Cyber Bank Heist More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.
	Name Of The Game: Top 10 States For Identity Theft A Federal Trade Commission report provides statistics on identity theft and fraud complaints in 2012. Learn which state has the dubious distinction of having the most victims.
	More Slide Shows