Is It Time to Look Past AV Software?


Everyone is told to install and update their antivirus programs. This is considered a key element of good computer hygiene. Indeed, we are repeatedly told, only somebody with masochistic tendencies would run their machines without a good program.


Never mind. Secunia assessed the effectiveness of 12 common AV programs against 300 common exploits. The headline is that Symantec won in a landslide by detecting 10 times as many exploits as the runner-up. The fine print is more important, however: Symantec found only 64 of the exploits. Secunia is not alone. Other test organizations have found similar shortcomings in AV packages. The piece notes that AV-Test.org found some fault with the tests.


AV-Test.org also recently released tests, though the press release didn't pass judgment on the overall quality of the sector. The tests covered detection rates on adware and spyware, false positive rates, scanning speed, proactive detection and response time to outbreaks. The heart of the release is a comprehensive chart of the results of the broad trial, which covered 35 products. The software was rated in up to eight categories, though some are not relevant to particular products.


Folks concerned with rating their AV products should also visit AV-Comparatives, which positions itself as a clearinghouse of independent information about AV products.


TenTopReviews offers another useful chart. The main categories assessed are features, scanning capabilities, updates, technical support and supported configurations. Each of these features several subcategories. The top finishers were BitDefender, Kaspersky and ESET. The chart is followed by the features "Why Buy Antivirus Software?" and "What to Look for in Antivirus Software."


The canard that AV software is useless is dramatic but not, apparently, without a kernel of truth. PC World presents the views of a Trend Micro expert, who says that standalone AV packages are far less valuable than they were in the past. David Peterson, the consumer segment director for the company's ANZ business, said that most of the top 10 threats are not viruses. He pointed to downloaders, Trojans, keyloggers and phishing scams as more common enemies. What Peterson identified as signature-based approaches -- a more technical description of traditional AV software -- are more valuable in suites that combine a number of approaches.


I don't think that anyone should rip out their AV, and I don't believe that is what anyone is advocating. But the world of computer security is changing, and AV software -- both its makeup and whether it is grouped with other security tools -- must change as well.