Thursday, August 10, 2006

Why commercial reviews of AV products are misleading

Windows Secrets just posted a rant about certain big-name commercial review sites and their lack of testing methodology when ranking Anti-Virus and Counter-Spyware products and suites.

One has to wonder just how objective these places are when they are taking huge advertising dollars from the software companies that produce the products they are reviewing.

But the real point revealed by the article is that signature-based protection applications are no longer effective against zero-day attacks. And this past year, it seems that every day has been a zero day...

The latest and greatest feature to mitigate this problem is so-called "behavioral protection." Certain AV products are adding real-time analysis of suspicious actions to catch unknown viruses and malware, even before the signature is updated. Combined with signatures, this method should improve your chances of resisting attacks and new infections.

Only two products have this feature; more will have it in 2007. Those two are:

- Zone Labs OSFirewall

- Panda TruPrevent

Of note is that Zone Labs OSFirewall licenses CA's eTrust Anti-Virus as the virus component in its suite. Yet eTrust was not reviewed at all by these commercial sites. It also happens to be my personal favorite AV protection application, based on real-world results for myself, my clients and my last big employer, who started using it on their entire corporate network right after they got "Blasterized" several years ago.

