Symantec is wrong -- antivirus software isn't dead

Petrovic

Apr 25, 2013
Each time someone reports that antivirus is dead, a hacker gets his wings (and I get furious). With our industries becoming increasingly data-driven, the need to protect our networks, devices, and archives has become more important than ever.

In a world of weaponized emails and polymorphic, self-replicating malware, entertaining the idea that endpoint antivirus protection is dead is both ignorant and dangerous.

Brian Dye, vice president of Symantec and Norton, told The Wall Street Journal that traditional antivirus software is dead because it only detects roughly 45 percent of all attacks, and that of threats detected, most are so dynamic that containing them is too difficult.

Furthermore, security provider FireEye was quoted saying, "the function signature based AV serves has become more akin to ghost hunting than threat detection and prevention". Ghost hunting? Really? -- C’mon.

Yes, we are aware of the new challenges affecting those in the cybersecurity community, but neither I nor anyone at OPSWAT is as defeated as those at Symantec. We know the internet isn’t exactly a small space, and that the rate at which mass amounts of data travel this space is increasing exponentially. This has raised the importance (along with the challenges) of having up-to-date threat detection software. David Harley, senior researcher at ESET, discussed the glory days of anti-malware protection by describing how, in 2013, the "Speed of [malware] spreading was restricted by the fact that the internet was a far smaller place, and that restriction also meant that once a malicious program had been identified, an AV customer who diligently updated his anti-virus as soon as signatures were available was likely to see his signatures before he saw the malware (if at all)".

Today, even the most diligent AV customer may still fall victim to malware threats, which can be taken to support Dye’s belief that the anti-virus industry may be dead. However, here at OPSWAT, we aren’t so quick to throw in the towel. We agree with Dye up to the point that traditional AV software may be out of pace to keep up with advanced persistent threats (APTs), but we have a new innovative solution, and there’s nothing "traditional" about it. Traditional, or stand-alone AV software, lacks the multi-layered protections necessary to keep up with polymorphic threats. Harley reiterated Pierre Vandevenne’s (an ex-colleague of Harley's) views on the future of AV in his article; Vandevenne says that:

"Traditional stand-alone AV (essentially the scan-detect-protect-clean paradigm) should definitely be dead. Multi-layered protections with web browsing protection, DNS monitoring, in the cloud file checks and heuristics, real time analysis of new and/or infrequent or unique executables (of all kinds) are definitely needed but won’t ever reach the near perfect protection levels the AV industry offered at very specific and short lived moments in the history of malware".

Full Article
 

aztony

Oct 15, 2013
"Traditional stand-alone AV (essentially the scan-detect-protect-clean paradigm) should definitely be dead."

Isn't that what Symantec said? And that the author just agreed with before adding:

"Multi-layered protections with web browsing protection, DNS monitoring, in the cloud file checks and heuristics, real time analysis of new and/or infrequent or unique executables (of all kinds) are definitely needed"
 
