A lack of consistency in the way vendors define and recognize malware makes it impossible to enumerate the number of instances that each product recognizes. One vendor might inflate its count by including several kinds of browser cookies, while another might inflate its count by treating slight variations in a malware instance as multiple instances.
A vendor that says it recognizes 5,000 distinct malware instances might actually thwart more malware than a vendor that touts a count of 50,000. We're happy to report that the vendors in this test are among the most honest in their counting methodologies.
Few vendors have fully embraced the proposed standards at www.antispywarecoalition.org. To compound the problem, each vendor typically uses a different name to refer to the same spyware instance.
Even the tools that vendors use to thwart malware often have little relationship to the number of malware instances they handle. One vendor might recognize a particular malware instance via a file-specific signature, while another blocks the same instance by recognizing the exploit that it uses. Yet another handles that same malware instance by disallowing access to certain IP addresses or URLs.
The antimalware industry clearly needs a standard definition of malware and a standard method of expressing how many instances a vendor recognizes.