Major AntiVirus Software Offers ZERO Protection: Hacker Intelligence Initiative 2012 Report from Imperva
Results of Testing: More than 40 tested AV solutions provide zero protection against new viruses, and take weeks to update their signatures, according to new report from Imperva 2012 in-depth analysis. Thank you to Bill Mullins for finding this data. Thank you to Imperva http://www.imperva.com
I have a PDF link to the report below and an executive summary of the findings.
It’s not a long report and I consider it a must read for this week! Lots of graphs and charts – easy to understand.
Hard to know what to do about it though…
Assessing the Effectiveness of Antivirus Solutions
In 2012, Imperva, with a group of students from The Technion – Israeli Institute of Technology, conducted a study of more than 80 malware samples to assess the effectiveness of antivirus software. Based on our review, we believe:
1. The initial detection rate of a newly created virus is less than 5%. Although vendors try to update their detection mechanisms, the initial detection rate of new viruses is nearly zero. We believe that the majority of antivirus products on the market can’t keep up with the rate of virus propagation on the Internet.
2. For certain antivirus vendors, it may take up to four weeks to detect a new virus from the time of the initial scan.
3. The vendors with the best detection capabilities include those with free antivirus packages, Avast and Emsisoft, though they do have a high false positive rate.
These findings have several ramifications:
1. Enterprise and consumer spending on antivirus is not proportional to its effectiveness. In 2011, Gartner reported that consumers spent $4.5 billion on antivirus, while enterprises spent $2.9 billion, a total of $7.4 billion. This represents more than a third of the total of $17.7 billion spent on security software. We believe both consumers and enterprises should look into freeware as well as new security models for protection.
2. Compliance mandates requiring antivirus should ease up on this obligation. One reason why security budgets devote too much money to antivirus is compliance. Easing the need for AV could free up money for more effective
3. Security teams should focus more on identifying aberrant behavior to detect infection. Though we don’t recommend removing antivirus altogether, a bigger portion of the security focus should leverage technologies that detect abnormal behavior such as unusually fast access speeds or large volume of downloads.
To be clear, we don’t recommend eliminating antivirus.