Come in AntiVirus Software, Your Time Is Up
Sunset on Antivirus
When I was first briefed, about a couple of years ago, by Securewave, a European security start-up that was establishing itself in the US, I concluded that their approach to IT security would eventually supersede antivirus software. Securewave could have aggressively marketed the fact that it made antivirus software defunct, but it didn’t. You can’t take on industry giants when you have a very limited marketing budget, can you?
The next company I came across with a similar proposition was Bit9. They didn’t have an identical approach to Securewave, but it was very similar…
Put simply, the approach of both companies is like this: You fingerprint valid executables. You stop anything that is not authorized from running. You allow self-authorization, but you quarantine anything that is authorized by the PC user until it has been authorized officially. You can do this on servers too. The details of how and the various nuances vary.
The point is that it stops viruses stone dead—including ALL zero-day exploits. Actually it also stops a good deal of bad user behaviour too, like loading your own applications. That’s its major function. The killing of viruses is a simple side effect. It won’t stop buffer overflow attacks by hackers, but it will stop the successful overflow-attacker-hacker from doing much to subvert the attacked machine.
So last week I ran into a third vendor with this kind of security technology: AppSense. AppSense has come to market quite recently with its security offering, but it has a highly functional capability because it has been making a tidy living from selling management software in the Citrix environment and now it has specialized some of this for security market. Three times is the charm, I guess. Here’s the point: AppSense has one customer that has installed AppSense and thrown away all the antivirus software it previously ran. (No problems experienced, by the way).
Like Securewave, AppSense is not going to pick a marketing fight with the big antivirus vendors, but nevertheless the tide has now turned and soon it will be racing in.
Antivirus software is no longer required.
It’s over for antivirus software.
Come in antivirus software, your time is up.
There you are; I’ve said it thrice and what I say three times is true.
Well..this certainly did not pan out, did it? It is hard to cut through all the promises some of these companies make and find the truth, but there is an important lesson to be had here. Never blindly buy into marketing materials or talk, wait for proven results!
Actually it panned out very well, forcing all the major AV companies to offer whitelisting products, and the campaign has pretty destoyed the prospect sof AV on smart phonnes. All the smartphones (soon to outnumber desktops) have whitelisting as the virus defence. AV on the iPad? I think not. The real lesson here is not to buy in to technology that is obviously flawed, because it will ultimately be superceded. And you’re right about not buying into the marketing materials of AV vendors.