Whither anti-virus software?

Whither anti-virus software?

Summary: In the security industry it's not hard to run into someone predicting the demise of the anti-virus industry. But the end game will take forever to play out.

SHARE:
TOPICS: Software, Security
221

In the security industry it's not hard to run into someone predicting the demise of the anti-virus industry. But the end game will take forever to play out.

The common argument: Anti-virus software can never keep up, is outdated and outgunned against rapidly evolving threats. Websense CEO Gene Hodges recently said as much: "Modern attackware is much better crafted and stealthy than viruses so developing an antivirus signature out of sample doesn't work."

His advice was to scrimp on anti-virus software and invest your budget money elsewhere.

The latest entry in this debate is the fact that venture capital is flowing into anti-bot software companies. Ryan Naraine argues that if you follow the money it's clear that the anti-virus industry has issues.

Ryan notes that the investment into anti-bot startups "is an indictment of the anti-virus industry." Andrew Jaquith, an analyst with the Yankee Group, backs up Ryan's assertion. Just like anti-spyware companies emerged so will the anti-bot folks.

Here's where the argument falls apart--or at least becomes more nuanced. The traditional anti-virus companies were among the first and used their advantage to build suites. While anti-virus software isn't perfect, folks still need it. The big question is whether customers will pay for anti-virus protection. The short answer is no. But to the security giants like Symantec this point doesn't matter. The game to Symantec and McAfee is to sell you a security suite--the components are irrelevant.

Bottom line: These anti-bot companies--Damballa, FireEye, Sana Security and NovaShield--will develop and then be quickly bought out by the traditional anti-virus giants. Anti-virus software may wither on the vine, but that traditional sell-people-a-suite model and the licensing revenue that goes with it is alive and well.

Topics: Software, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

221 comments
Log in or register to join the discussion
  • Cute pun

    but it kind of telegraphs the thesis, don't you think?
    Yagotta B. Kidding
  • Did I learn anything new from this article?

    No.
    Techboy_z
    • Problem being is less 1% Hidden and 99% Bogus/ie_odf/ faulse/ faulse/

      Open script challenges from savvy Buccaneers in the cleanup practise or media devices through Active X Controls is still the King of Ni-ni. A suite Spyware protection from your ISP and '4'in One from Gaming Studios West Germany are the automated tools for unplugging the most intent of "adaware bogies" of this 21 Century's Birth. So, No.
      rtirman37
      • Re: Problem being is less 1% Hidden

        Fastidious active exploits using compelling Swashbucklers for the waste management or creative intelligences wanting thorough dissolved Java Applets is left wanting of Chi-Chi. Following hereditary acronyms from your ISP and bestselling novels from Symantec using automated kernels are wireless transient of the "malware ninjas" of next year's incarceration. So, Yes.
        Free_Thinker
        • Uh, huh?

          Either I'm old, or you're not making sense. And the conclusion doesn't seem to make sense either...
          Weltenwanderer
  • Why doesn't that logic apply?

    The article says, "The common argument: Anti-virus software can never keep up, is outdated and outgunned against rapidly evolving threats."

    Why haven't we stopped using vaccines for diseases? The viruses just keep coming up with new strains and new diseases.
    gitmo
    • Re: Why doesn't that logic apply?

      You make a valid point, but I don't think the same logic
      applies because saving human lives is never (or should never
      be) seen as inefficient. Spending money on rather useless
      Anti-Virus applications can be frustrating and a waste of
      money in some cases, but I don't think buying a vaccine
      would seem as frustrating or be a waste of money.

      To sum it up: software ≠ human life
      jmadlena
      • Re: Why doesn't that logic apply?... Because....

        There is a fundemantal diffrence here. Computer viruses are written [of course] by human coders or are based upon code developed by coders.

        Biological viruses develop as a result of random variation in their GENETIC code. There is no specific aim or target in a new version. They arise as a result of chance variation.

        Computer viruses are written to exploit a specific loophole in the operating system/application/BIOS code. This is why that logic does not apply. The analogy can be useful but does not 'hold water' when used to support an argument such as the one put forward in the reply 'Why doesn't that logic apply?... '

        As to the main thrust of the original article I suppose it makes sense to consolidate the efforts of combating these threats into your product no matter which anti-virus provider you are [just hope you get hold of the good ideas and buy them up before the competition!]
        Dave Pe
        • Your joking of course.....

          "Biological viruses develop as a result of random variation in their GENETIC code. There is no specific aim or target in a new version. They arise as a result of chance variation." ????
          the variation in the virus HAS to be targeted against the system that destroys it other wise the variation IS OF NO USE AT ALL! The virus will quickly die forever. Ask an hacker to write a computer virus to RANDOMLY mutate so that it will defeat the anti virus software, note: the mutation must be random and in accordance with your dna (genetic code) example one bit or byte at a time have a go yourself at:
          http://www.randommutation.com/
          On Site PC
    • Anti-virus software can never keep up

      I completely.
      We still use locks on our doors, even though burglars will always try to get in.
      marta4
    • I don't buy that

      A vaccine is more like patch that closes the whole. AV software is more like cough syrup that helps with the symptoms. The symptom is the virus getting in the patch is the cure or vaccine.

      I mean it's not like that Blaster virus is going cause me problems today. I'm immunes to make an analogy. The new threat however is unknown even to the AV companies.

      It's much like the flu shot. They can make an educated guess on which strain will be prominent this year but when the unknown strain hits us we are defenseless in terms of vaccinations and left to our own immunes system.
      voska1
    • Poor analogy

      That's a poor analogy. We can't reengineer the human body to make us immune to pathogens. Microsoft could fix Windows to make it much less vunlerable to malicious code.
      kevin.cline9
  • RE: Wither anti-virus software?

    As long as there are people capable and willing of creating these computer wreckers, we'll need anti-virus software. Human nature tells us that.

    Gord Craig.
    GordCraig
  • This would apply if everyone was tech-savvy...

    ...but most people isn't. So, maybe they would be unprotected against the latest threat, but not against the loooooong line of outdated attacks, some of them less than a week old and pretty much on the wild.

    That's why most people get antivirus and anti-everything else software. Because if they don't know how to protect themselves on their own, at least there is some piece of code that does most of the job for them.
    TheITStranger
    • not the techically sophisticated

      You have said exactly what I would have said. The point is, most computer users are undereducated when it comes to the dangers of the Internet.

      Anti-virus applications are designed to help average users; not the techically sophisticated. So, of course there is a need for them.

      I find most tech people (I am one), can't see past the end of their nose when it becomes necessary to look at the broader picture.

      Start Blogging or get involved in forums and see who really makes up the Internet. It sure isn't technically savy users.
      billmullins19461
      • Good points

        AV is just one method of protection, not the end game. Surfing and trying new programs in a sandbox or VM, using a HIPS program, firewall, anti-spywarecommon sense, etc., are all part of total protection. Keeping track of all the threats is a hopeless waste of time. Users need to focus on learning aboutand using effective protection.
        howiem
        • Good point....

          I agree users should focus on good Av products
          However the mainstream AV companies who write this stuff produce poor quality software at best they build software suites all that I've seen reek havoc on most PC by this I mean slow it down to the point it just won't work very well. AV-ware should be stand a loan only same with Firewall and spyware products. This non-sense about combining it into a suite is too just to grab a bunch of money nothing more then a marketing skim ! But most of all these companies should work together to combat the problem's on the Internet. In my line of work I find that I have to turn off these suites or remove them to just to get the PC to work like its sub post too, and then run AV-ware stand a loan product along with the other single products?
          rsmundy
          • Just curious . . .

            Is English your native language?

            Mark Yannone
            http://correctenglish.blogspot.com
            markyannone
          • it hurts to read

            Please don't speak ever again. I almost had a nose bleed from trying to figure out what the hell you were saying. If English is your primary language, you should be ashamed. If it's a secondary language or something... you should know that you're terrible at it.
            dkendig
          • Don't worry so much about your English..

            I welcome posters from around the world. However it could improve readability if you would use paragraphs.
            JCitizen