{"id":1523,"date":"2009-12-09T20:19:18","date_gmt":"2009-12-10T01:19:18","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/?p=1523"},"modified":"2022-12-30T12:35:55","modified_gmt":"2022-12-30T17:35:55","slug":"which-anti-malware-is-best","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/which-anti-malware-is-best\/","title":{"rendered":"Which Anti-Malware is Best?"},"content":{"rendered":"<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-113771\" title=\"Which Anti-Malware is Best?\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/malware4-1.jpg?resize=110%2C106&#038;ssl=1\" alt=\"Which Anti-Malware is Best?\" width=\"110\" height=\"106\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/malware4-1.jpg?resize=150%2C144&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/malware4-1.jpg?resize=75%2C72&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/malware4-1.jpg?w=300&amp;ssl=1 300w\" sizes=\"auto, (max-width: 110px) 100vw, 110px\" \/>In a <a href=\"http:\/\/www.av-comparatives.org\/images\/stories\/test\/ondret\/avc_report24.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">report<\/a>, <a href=\"http:\/\/www.av-comparatives.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">AV-Comparatives<\/a> compared the base performance of some of the top anti-malware products on the market. The objective of these tests was to identify how well antivirus scanners can detect new malware using their base functions.<\/p>\n<p>Base anti-malware functions included their proactive scanning and heuristics methods, without the advantage of downloading the latest signatures. 
Forcing a test without the latest virus signatures makes it possible to evaluate the strength of the heuristic, or proactive, technology of the anti-malware engines.<\/p>\n<p><a href=\"https:\/\/arstechnica.com\/security\/news\/2009\/11\/av-compare.ars\" target=\"_blank\" rel=\"noopener noreferrer\"> <em>ArsTechnica<\/em><\/a> summarizes that the tests were run on two sets of malware. Set A contained malware from December 2007 to December 2008 (of which most products could detect over 97%). Set B contained 1.6 million samples of malware collected between August 11 and August 17, 2009. This set included the following categories of malware: Trojans (69.5%), Backdoors\/Bots (20.7%), Worms (6.1%), other malware (1.5%), and Windows viruses (0.4%).<\/p>\n<h3>Results<\/h3>\n<p><em>Ars<\/em> reported these proactive detection results (rounded to the nearest percent):<\/p>\n<p style=\"text-align: center;\"><a href=\"http:\/\/www.av-comparatives.org\/\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"wp-image-1525 alignnone\" style=\"margin: 2px;\" title=\"av-comp\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2009\/12\/av-comp-e1561855759923-150x94.gif?resize=322%2C202&#038;ssl=1\" alt=\"\" width=\"322\" height=\"202\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2009\/12\/av-comp-e1561855759923.gif?resize=150%2C94&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2009\/12\/av-comp-e1561855759923.gif?resize=75%2C47&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2009\/12\/av-comp-e1561855759923.gif?resize=768%2C481&amp;ssl=1 768w\" sizes=\"auto, (max-width: 322px) 100vw, 322px\" \/><\/a><\/p>\n<p>After taking these results into consideration and adjusting for false positives, AV-Comparatives rated the security companies from best to worst in three categories:<\/p>\n<ul>\n<li>Advanced+:\n<ul>\n<li><a 
href=\"http:\/\/www.gdatasoftware.com\/\" target=\"_blank\" rel=\"homepage noopener noreferrer\">G DATA<\/a>,<\/li>\n<li>Kaspersky,<\/li>\n<li>ESET,<\/li>\n<li>F-Secure,<\/li>\n<li>Microsoft,<\/li>\n<li>Avast,<\/li>\n<li>eScan.<\/li>\n<\/ul>\n<\/li>\n<li>Advanced:\n<ul>\n<li><a title=\"Avira\" href=\"http:\/\/twitter.com\/avira\" target=\"_blank\" rel=\"noopener twitter noreferrer\">AVIRA<\/a>,<\/li>\n<li>AVG,<\/li>\n<li>Symantec.<\/li>\n<\/ul>\n<\/li>\n<li>Standard:\n<ul>\n<li><a title=\"McAfee\" href=\"https:\/\/www.mcafee.com\/\" target=\"_blank\" rel=\"homepage noopener noreferrer\">McAfee<\/a>,<\/li>\n<li><a title=\"TrustPort\" href=\"https:\/\/web.archive.org\/web\/20240415040612\/https:\/\/www.trustport.com\/\" target=\"_blank\" rel=\"homepage noopener noreferrer\">TrustPort<\/a>,<\/li>\n<li>Sophos,<\/li>\n<li>Norman,<\/li>\n<li>Kingsoft.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>In September of 2008 <em>NetworkWorld<\/em> reported on <a href=\"https:\/\/www.gartner.com\" target=\"_blank\" rel=\"noopener noreferrer\">Gartner<\/a> claims that enterprises are paying too much for security software. Gartner says vendors simply aren&#8217;t doing enough to keep up with the prevalence of threats on the Internet. Neil MacDonald, a research vice president at Gartner, says that security vendors are &#8220;<em>maintaining high-profit margins on firewalls and antivirus software despite these products being nothing more than commodities.<\/em>\u201d <em>NetworkWorld<\/em> says that during his presentation at Gartner\u2019s 2008 IT Security Summit in London, Mr. MacDonald was vociferous in his condemnation of how security products are actually increasing their prices over the years against a backdrop of lowered effectiveness, contradicting pricing schemes across the rest of the IT industry.<\/p>\n<h3>Anti-malware pricing is broken<\/h3>\n<p>Security vendors have maintained a pricing scheme that contradicts the rest of the IT industry, Mr. MacDonald said. 
Typically with software or hardware, prices go down year after year with the introduction of new and better products. In some cases, however, security software often loses its effectiveness as new threats emerge, while prices stay high. &#8220;Why in antivirus year after year do we pay more for something that gives us less?&#8221; MacDonald asked. &#8220;<em>It&#8217;s insanity. Why is information security immune from the trends of the IT industry?<\/em>&#8221;<\/p>\n<p><a title=\"Gartner\" href=\"https:\/\/www.gartner.com\/technology\/home.jsp\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-1535 size-full\" style=\"border: 0pt none; margin: 2px;\" title=\"gartner\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2009\/12\/gartner-e1561855863120.gif?resize=90%2C21&#038;ssl=1\" alt=\"\" width=\"90\" height=\"21\" \/><\/a>Gartner recommends that firms use the commodity status of security software to their advantage. &#8220;<em>I know it&#8217;s hard to switch but you have to seriously enter the negotiations,<\/em>&#8221; MacDonald said. &#8220;<em>Let the vendors know that you are not afraid to switch.<\/em>&#8221; \u00a0He also recommends that buyers aggressively negotiate for better prices.<\/p>\n<p><strong><em>rb-<\/em><\/strong><\/p>\n<p><em>While most malware writers are script kiddies with an affinity for making minor modifications to existing malware, there are some very good black hat hackers out there who are not dummies. \u00a0These tests are important for buyers to understand which product\u2019s core functionality is more efficient against new threats and does not rely on constant updates to augment its capabilities. In the face of new threats, superior heuristic capabilities are crucial to anti-malware software. The weekly, daily, or even multiple-times-a-day definition updates are the lifeline of the anti-malware industry. 
The need for constant updates is what drives the annual payments for subscriptions.<\/em><\/p>\n<p><em><a title=\"Ralph Bach\" href=\"https:\/\/wp.me\/P2wgaW-3H\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on <a href=\"https:\/\/www.linkedin.com\/in\/rb48334\/\" target=\"_blank\" rel=\"noopener noreferrer\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Gartner recommends that firms use the commodity status of anti-malware software to their advantage and be prepared to 
switch<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[3216,565,103,1113,85,1247,23,404,82,421,4,2042,445],"class_list":["post-1523","post","type-post","status-publish","format-standard","hentry","category-security","tag-3216","tag-anti-virus","tag-avira","tag-bitdefender","tag-gartner","tag-it","tag-malware","tag-mcafee","tag-microsoft","tag-msft","tag-security","tag-trustport","tag-windows"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/1523","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=1523"}],"version-history":[{"count":11,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/1523\/revisions"}],"predecessor-version":[{"id":132660,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/1523\/revisions\/132660"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=1523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=1523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=1523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}