Antivirus Software Not So Useless as People Say: Report
While companies continue to call out the antivirus industry for the malware it misses, NSS Labs says that most criticism is based on misconceptions.Antivirus software has gotten a bad rap, even though the programs continue to help protect firms and raise the bar for attackers, according to a report released on March 11 by research firm NSS Labs. The report finds that antivirus software has largely been criticized based on two-decades-old misconceptions. The software running on users' computers does far more than matching patterns, or signatures, for known threats. Instead, it uses a variety of technologies—from firewalls and host intrusion detection to behavioral heuristics and anomaly detection—to find what is likely to be malicious software, or malware, Randy Abrams, research director at NSS Labs, told eWEEK. Today's anti-malware software—the term "antivirus" is another hold out from the days of a less complicated threat—does the equivalent of the credit check required by a bank, looking at a variety of factors to assess risk, he said. "If you want a loan at a bank, you have to have a reputation that they call a credit score," Abrams said. "If you have a low credit score, it does not mean you wouldn't pay the bank back; it just means that you are a greater risk."
Despite increasingly nuanced detection strategies, the antivirus industry has become the punching bag of the security industry, mainly because it is the last line of defense against the compromise of a computer that could, and most often does, lead to a major breach. When a computer is infected with malware, users do not blame the firewall or the network intrusion-detection system—they criticize the software that protects the endpoint, Abrams said.