How is it with the „death of antivirus”?

114

You’ve probably heard that one of Symantec’s high-ranking representatives recently announced that antiviruses are dead – again.

Such statements have appeared in the past, and I am sure they will come up more than once. Typically, such „strong” statements are made when an IT security company is about to announce the arrival of a „new” technology that it has developed. There is a known case where another antivirus vendor used the same approach in 2008 to announce the launch of its cloud-based service, and even then the strategy was nothing new.

What can I say … Traditional signature-only antivirus has been dead for many years. This mechanism has been replaced or supplemented by a set of much more advanced technologies, including heuristics, sandboxed code analysis, reputation assessment services, whitelists, etc.

Every serious player in the security market has adapted to these new trends. The truth is, those who didn’t just disappeared. Many times we have already seen the emergence of new technologies that were supposed to be a kind of „cure all evil” and completely rule out scanning based on signatures. However, it always turned out that these technologies were simply part of the entire package of protection methods and supplemented the existing arsenal.

Modern high-end IT protection includes a fairly large set of features – proactive detection based on application behavior in the system, reverse-malware mechanisms, cloud technologies, sandboxing, anti-exploit prevention and much more. By the way – in many cases Kaspersky Lab was the first to introduce such mechanisms on the market, never foretelling the death of antiviruses.

Perhaps instead of asking „are antiviruses dead?” we should put the deeper – „is security dead?”

The answer, of course, is no.

The fact is that threats are increasingly complex and advanced, and in such a situation only companies that are able to offer their clients the highest level of protection can survive on the market.