PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
January 2009

Tests point out antivirus shortcomings

Antimalware vendors are loading up-with traditional signature-based detection, heuristic detection, detection based on common attack characteristics and exploits of known vulnerabilities, application controls, host firewall...whew! But how well is all this working? Recent tests from a couple of sources -- Virus Bulletin (VB) and Secunia -- didn't have all the answers, but the findings were interesting enough to make us wonder, yet again, how effective are these products and how do you test that effectiveness. The annual VB100 certification test-which has been around since 1998- didn't tell us much except that AV vendors can shoot fish in a barrel-in this case, a WildList virus sampling they surely all have signatures for. But other test results, detailed in the October Bulletin, detecting bots and worms, polymorphic viruses and especially Trojans, were more revealing.While all the major vendors scored perfectly on the VB100 test, they missed 5 to 15 percent on the Trojans test. The reason? First, this was a fresh batch of ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

  • Product Review: Cenzic Hailstorm Enterprise ARC 5.7

    Web application security has moved from a niceto- have to a must-have requirement, for data protection and compliance. Cenzic's Hailstorm, which we last reviewed in 2005, reflects the growth in the depth and maturity of Web application vulnerability assessment software.

  • Product Review: GoldKey Secure USB Token

    The GoldKey Secure USB Token works with Windows and Macintosh operating systems to provide a secure place to stash encryption keys for virtual disks. By keeping encryption keys on a small, removable USB token, GoldKey simplifies the task of locking away important information on laptops and encourages good security behaviors.

  • Product Review: Hedgehog Enterprise 2.2

    Eight years after the release of Microsoft SQL 2000, we're still looking for help from bolt-on security product vendors to harden and protect critical production database servers. Sentrigo's Hedgehog Enterprise 2.2 is designed to monitor and protect against known and unknown database threats.

Columns in this issue