
Antivirus is Dead

How to protect yourself against rapidly changing threats

 

SIMPLE SECURITY GUIDANCE AND ARTICLES DIRECT TO YOUR MAILBOX

What you need to know to protect your business, de-geeked and accessible to everyone

We respect your privacy and will never share your contact information

When I started my career in security, having antivirus and a decent firewall was enough to protect most businesses.  Unfortunately, the world has changed.  Today, there are so many new threats emerging that traditional antivirus, a foundational element in security platforms, simply can’t keep up.

It is estimated that 30% of malware is zero-day, and 80% is less than 30 days old.  VirusTotal trends show more than 1,000,000 unique files submitted every day. If you’re checking a database of known viruses, how do you catch the 30% that are brand new or the 1,000,000 unique files?  You don’t.

This is one of the reasons why ransomware and doc/pdf exploits are so rampant.  Hackers release new versions almost daily, so they sneak past your defenses before antivirus products have any chance of catching them.

Is traditional antivirus dead?  If it’s not, it’s definitely in the emergency room.

Enter the next generation of antivirus products.  While some products still leverage the giant database of signatures, they add behavioral analysis and machine learning to stop new threats that aren’t in their database yet.

It’s smarter software that blocks the techniques instead of relying on exact files.  In an ever-changing environment, it’s the only way to remain effective.
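To make the difference concrete, here is an added example (not from the original article and not any vendor's code) that runs an exact-hash signature lookup and a simple behavior rule against the same unknown variant. The sample bytes, process events, thresholds and function names are all constructed assumptions for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed stand-ins for file contents (harmless bytes, not real malware).
KNOWN_SAMPLE = b"constructed-sample-build-1"
NEW_VARIANT = KNOWN_SAMPLE + b"\x00"      # one extra byte gives a brand-new hash

# "Database of known viruses": exact SHA-256 hashes of files seen before.
SIGNATURE_DB = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

def signature_match(data: bytes) -> bool:
    """Traditional check: is this exact file already in the database?"""
    return hashlib.sha256(data).hexdigest() in SIGNATURE_DB

WINDOW_SECONDS = 10     # assumed tuning values for this sketch
MAX_REWRITES = 20

def behavior_alerts(events):
    """Flag any process that overwrites more than MAX_REWRITES distinct
    documents within WINDOW_SECONDS, whatever the file on disk hashes to."""
    recent = defaultdict(list)            # pid -> [(time, path), ...]
    flagged = set()
    for ts, pid, action, path in sorted(events):
        if action != "overwrite":
            continue
        recent[pid].append((ts, path))
        # Keep only this process's events that fall inside the sliding window.
        recent[pid] = [(t, p) for t, p in recent[pid] if ts - t <= WINDOW_SECONDS]
        if len({p for _, p in recent[pid]}) > MAX_REWRITES:
            flagged.add(pid)
    return flagged

def constructed_events():
    """Constructed telemetry: pid 100 is a word processor saving two files,
    pid 200 is the unknown variant rewriting 30 documents in three seconds."""
    events = [(0.0, 100, "overwrite", "C:/Users/a/report.docx"),
              (45.0, 100, "overwrite", "C:/Users/a/budget.xlsx")]
    events += [(50.0 + i * 0.1, 200, "overwrite", f"C:/Users/a/doc{i}.docx")
               for i in range(30)]
    return events

if __name__ == "__main__":
    print("known sample in signature DB:", signature_match(KNOWN_SAMPLE))
    print("new variant in signature DB: ", signature_match(NEW_VARIANT))
    print("pids flagged by behavior rule:", behavior_alerts(constructed_events()))
```

The signature lookup misses the variant because its hash is new, while the behavior rule flags it and leaves the ordinary word processor alone.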

There are a number of products on the market that are touted as next-generation antivirus, including:

  • Cylance
  • SentinelOne
  • Sophos Intercept-X
  • CrowdStrike
  • ESET

Some of these replace your current endpoint protection; others provide an additional layer of protection.

One of the nice features of many of these products is forensics.  It allows the administrator to see the lifecycle of a threat – how it came in, where it tried to infect, and more.  This is very important for incident response and validation of your security controls.

Note that several of these products are from innovative, early-stage companies and have some controversy surrounding them.  They’re disrupting a market that’s been dominated by 10-12 players for more than a decade.

Do you still need an antivirus solution?  Yes, absolutely.  Do you need to be careful about the one you select and its capabilities?  Yes, absolutely.

If you’re concerned about ransomware, and you should be, you should consider investing in the next generation of protection.

Antivirus, even next-generation systems, should not be considered the holy grail of security.  They’re one piece of the puzzle.  Make sure your security program looks at the whole picture.

If you’re unsure, contact us and we’ll be happy to have a chat.
