We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

The future of antivirus software revealed

Is signature-based software here to stay?

What does the future hold for signature-based antivirus? We've got some expert opinions on the subject.

Not just whitelisting

Traditional, signature-based antivirus software has its uses. If a system is actually infected by malware, it "may be the least painful way of removing it", says David Harley, administrator of Avien, the antivirus information exchange network, adding, "Whitelisting does seem to be advocated currently as the panacea du jour.

"I think this relentless search for The Answer, discarding one partially successful solution set for something else in the hope that it will eliminate the problem, is actually unprofessional."

Harley makes that argument because he doubts that any single technology approach will be a 100 percent solution when it comes to security. He wrote that whitelisting thus is likely a supplemental technology for fighting malware, making it one of a host of newer technologies that have been adopted, including heuristics, sandboxing and behaviour monitoring.

This layered approach is increasingly being espoused by major security software vendors, too.

And corporate CIOs certainly don't expect to find one answer to their problems. "If you rely on signatures for security, you're pretty much dead in the water," says Ken Pfeil, head of information security for the Americas Region of WestLB, a German bank.

Pfeil thinks signatures are useful and his firm uses them. But when new malware appears, he often finds it faster to try to break it down himself to understand its potential effects, rather than to wait for his vendor to give him an update. His firm has also adopted tools that use heuristics techniques and anomaly testing, to add oomph to its antivirus approach.

That kind of layered approach to software fits with where Natalie Lambert, an analyst at Forrester Research, thinks the market is going. She says that signature-based antivirus is 'table stakes' for security software, and techniques like heuristic information processing systems (HIPS), which looks for suspicious actions by software, like an application opening itself from the Temp folder.

Lambert says McAfee is probably furthest along in using HIPS among the big antivirus makers, having had more time than its rivals to use new features added via corporate acquisitions.

NEXT PAGE: What the future of antivirus holds

  1. Is signature-based AV here to stay?
  2. There's more to antivirus than whitelisting
  3. What the future of antivirus holds

Visit Security Advisor for the latest internet threat news, and internet security product reviews


IDG UK Sites

Microsoft smartwatch release date, price and specs rumours: Launching within a few weeks

IDG UK Sites

Why you shouldn't buy the iPad mini 3: No wonder Apple gave it 10 seconds of stage time

IDG UK Sites

Halloween Photoshop tutorials: 13 masterclasses for horrifying art, designs and type

IDG UK Sites

Should I upgrade from Mavericks to OS X 10.10 Yosemite? What you need to know before updating to...