It all depends on what you understand by "antivirus" and what you want to protect with it

May 11, 2014 01:23 GMT

Last week, Symantec’s Senior Vice President for information security, Brian Dye, told the Wall Street Journal, “antivirus is dead.” This isn’t the first time someone has made this statement and, as usual, the topic has made numerous headlines.

When someone says, “antivirus is dead,” it’s usually followed by something like, “but we have the solution to this problem.” Companies usually say antivirus is dead when they’re launching a new product that incorporates advanced technologies.

This time, Symantec announced some new solutions for advanced threats, so it was the perfect opportunity to declare antivirus dead, again. Symantec has been relying on more than just malware signatures to detect threats for a long time, but so have other security solutions providers.

Back in the day, antivirus was the software that scanned your computer for malicious files. It detected them based on signatures from a virus definition database. However, we’ve come a long way since then.

When it comes to solutions for personal computers, some vendors have dropped “antivirus” from the names of their products. Some of them haven’t, but that doesn’t mean their solutions are ineffective.

People usually call it “antivirus,” but it’s much more than a piece of software that detects viruses based on signatures. The signature-based detection mechanisms are still present, but they’re complemented by sophisticated technologies capable of detecting threats based on their behavior.

Furthermore, modern security solutions provide real-time protection not only for the computer itself, but also for Web and email. They rely on cloud reputation, whitelisting, sandboxes, and heuristics to detect even unknown threats.

For instance, if you submit a new piece of malware to VirusTotal, you might see that a lot of antivirus products don’t recognize it. However, in reality, most solutions would actually detect the threat before it infects a computer, based on the behavior it exhibits.

When it comes to protecting the systems and networks of enterprises, particularly against advanced threats, antivirus is certainly dead. It’s impossible to protect an organization against targeted attacks with security software designed for home use.

In order to effectively protect an organization, you need a combination of systems. Modern solutions rely not only on advanced behavior-based detection mechanisms, but also on global threat intelligence gathered from various sources. Visibility into the network, the prioritization of potential threats, and intelligence are becoming fundamental.

In addition, organizations must not neglect the risks posed by employees – after all, people are still the weakest link. Security systems are effective only up to a certain point.

So, is antivirus dead? It depends on what you understand by antivirus and what you hope to protect with it.

For home users, antivirus is dead if you’re referring to security software that detects malware based only on signatures. Then again, all of the major players offer solutions that rely on more than just signatures to identify threats.

For enterprises, antivirus has been dead for a long time. Unfortunately, many companies are only starting to realize this now, after suffering major data breaches.