News Stay informed about the latest enterprise technology news and product updates.

Is the antivirus industry dead? Experts weigh in

RSAC 2017: With malware-detecting software increasingly coming under fire for vulnerabilities, find out what the experts had to say about the future of the antivirus industry.

For a business whose demise has been predicted prematurely for years, the antivirus industry remains remarkably...

resilient.

SearchSecurity has raised the question of what the future holds for the antivirus industry several times over the years, yet despite all the negativity the antivirus industry continues to roll on.

Although research from as early as 1999 showed antivirus software itself can be a source of exploitable vulnerabilities, the industry continues to survive if not always to prosper -- even as security researchers continue to find critical security flaws in well-known and widely-used antivirus products.

The SearchSecurity team at RSA Conference 2017 asked experts and insiders what they thought about the prospects for the antivirus industry: Is the signature-based antivirus detection software industry effectively dead? Will machine learning or artificial intelligence breathe new life into threat detection and displace traditional antivirus software?

"The antivirus industry is like a monster in a Hollywood movie. It will never die. It will keep coming back over and over again as long as the plot calls for it," Paul Vixie, CEO of Farsight Security, told SearchSecurity.

Experts suggested that for antivirus vendors to survive, they will have to rethink their approach to the problem of detecting malicious code. "Antivirus is not dead, but legacy AV solutions will be replaced by next gen machine learning and behavioral-based approaches," said Dmitri Alperovitch, co-founder and CTO of CrowdStrike.

The legacy antivirus industry's Achilles' heel has long been its reliance on signatures of known malware examples, through which antivirus software can flag malware -- as long as the malware remains stable. However, it did not take malware developers long to discover a host of ways to mutate their code to avoid being caught by signature-based antivirus software, and some believe it will ultimately doom the antivirus industry.

"Antivirus will be completely dead," said Khirodra Mishra, managing director of security services at NTT Data, due to its reliance on signatures despite malware developers' ability to disrupt signature-based detection. Mishra suggested "most advanced countries and most advanced industries will face challenges in terms of new threats which are not signature-based threats, and that's where you have machine learning-based and artificial intelligence-based protection services which are coming into play."

"My friends ask me this all the time: 'What antivirus [should I use]?' And I've standardized on [my response]: 'Patching is the new AV,'" said Jason Kent, vice president of web application security at Qualys. "I think that too many of us focus on how can I prevent something that I don't know is going to happen with a tool, and we just don't instrument ourselves to use the tools we already have. Keep yourself patched, you'll be fine."

Malware continues to plague computer users, but Scott Crowder, senior vice president and CIO at BMC Software Inc., felt antivirus software still served a function, albeit a smaller one, alongside the use of whitelists and blacklists.

"You're still going to need [antivirus software] for legacy types of threats, but zero-day is really the big problem," Crowder said. "The thing that's really coming about is whitelisting and blacklisting on the endpoint which is something that [will be] really helpful in today's world."

So does antivirus software still serve a purpose? "In terms of whether any good has come of it in the last 10 years, I would say most people don't believe that any good has come of it except that a lot of people didn't get fired because they had antivirus. And so, for the purpose of getting a lot of people to not be fired, it's doing some good," Vixie said.

"For the purpose of actually stopping anything anywhere, I don't think so."

Next Steps

Find out more about the impact on the enterprise of antivirus software vulnerabilities

Learn about how mobile antivirus software works

Read about how Carbon Black is betting on next-gen antivirus technology

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What do you think is the future of the antivirus industry?
Cancel
Antivirus and other security solutions are primarily business.
In this field lacks basic safety rules such as aviation or in food production. In fact, programming is only human work. There is no need to understand the laws of nature, such in the construction of bridges or engines. The situation has been going on for many, many years.
A solution exist, we must realize that the operating system is the basis.
Cancel
@Napravnik: Humans have been building bridges for thousands of years; I'd argue that civil engineers need to have very deep understanding about the laws of nature as they relate to design and materials.

What does that have to do with antivirus and security software? We just don't really understand how to design software and systems so they work reliably -- let alone how to make them work securely!

It's an ongoing project, and we're at the very beginning, still, even if computers first came on the scene 60-70 years ago.
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...

Close