Sign in to follow this  
Followers 0
DocM

Impervia antivirus effectiveness report

5 posts in this topic

http://www.imperva.com/docs/HII_Assessing_the_Effectiveness_of_Antivirus_Solutions.pdf

Executive Summary

In 2012, Imperva, with a group of students from The Technion ? Israeli Institute of Technology, conducted a study of more than 80 malware samples to assess the effectiveness of antivirus software. Based on our review, we believe:

1. The initial detection rate of a newly created virus is less than 5%. Although vendors try to update their detection mechanisms, the initial detection rate of new viruses is nearly zero. We believe that the majority of antivirus products on the market can?t keep up with the rate of virus propagation on the Internet.

2. For certain antivirus vendors, it may take up to four weeks to detect a new virus from the time of the initial scan.

3. The vendors with the best detection capabilities include those with free antivirus packages, Avast and Emsisoft, though they do have a high false positive rate.

These findings have several ramifications:

1. Enterprises and consumers spend on antivirus is not proportional to its effectiveness. In 2011, Gartner reported that consumers spent $4.5 billion on antivirus, while enterprises spent $2.9 billion, a total of $7.4 billion. This represents more than a third of the total of $17.7 billion spent on security software. We believe both consumers and enterprises should look into freeware as well as new security models for protection.

2. Compliance mandates requiring antivirus should ease up on this obligation. One reason why security budgets devote too much money to antivirus is compliance. Easing the need for AV could free up money for more effective security measures.

3. Security teams should focus more on identifying aberrant behavior to detect infection. Though we don?t recommend removing antivirus altogether, a bigger portion of the security focus should leverage technologies that detect abnormal behavior such as unusually fast access speeds or large volume of downloads.

>

Share this post


Link to post
Share on other sites

Thanks, that was a great read.

Glad Avast did pretty good. Besides the 4 week thing. Did better than MSE. But that's no surprise.

Share this post


Link to post
Share on other sites

Thanks, that was a great read.

Glad Avast did pretty good. Besides the 4 week thing. Did better than MSE. But that's no surprise.

Slightly offtopic, but everything digital is numbers these days right ? :D

I was wondering how long we had to wait for another milestone video, and to my amazement..... :laugh:

Untitled.png

Share this post


Link to post
Share on other sites

^ aww already past.

Share this post


Link to post
Share on other sites

Hello,

For a differing point of view, here's something a colleague of mine who has been involved in testing anti-malware software for a long time wrote: Imperva, VirusTotal, and whether AV is useful.

Regards,

Aryeh Goretsky

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.