- Apr 9, 2020
- 667
That's certainly not what you are getting at, but there are lots of multi-engine AVs. Probably more than single-engine AVs.
The engines of Bitdefender, Kaspersky and Avira are used by many other products, which also have their own scanning engine on top. Especially for smaller companies who don't have the number of employees to maintain a full scanning engine that covers everything, it makes much more sense to license another engine and then use their own technology to cover the leftovers. The drawback is that they cannot control the detections of that engine. So if, e.g., Bitdefender's scanner has false positives, at least 6 other AV products have the very same false positive as well.
But I think your question was actually a different one, probably more like: Why not have a multi-engine product that uses all engines?
The main answer to that is: It's a question of performance vs actual benefit. Why would you deploy the very same detection method more than 10 times in different variations?
This would slow down the system considerably, whereas you could use the same resources to deploy entirely different detection technologies to make things safer. That's exactly what AV products are doing. They have not only the file scanning engine but also, e.g., behaviour monitor and blocker with heuristic rules, exploit protection modules, in-memory scanning, automatic analysis and signature creation combined with cloud blacklisting and whitelisting, ...
Let me create an analogy with safer sex: It makes sense to use a condom and birth control pill at the same time because they work differently, work in different areas and protect from different things. However it doesn't improve things if you use two condoms.
