Feeds

Top vendors flunk Vista anti-virus tests

Outstandingly mediocre

SANS - Survey on application security programs

Security vendors including CA and Symantec failed to secure Windows systems without fault in recent independent tests.

Twelve of the 35 anti-virus products put through their paces by independent security certification body Virus Bulletin failed to make the grade for one reason or another and therefore failed to achieve the VB100 certification standard.

The main faults were either a failure to detect a threat known to be in circulation (one particularly tricky polymorphic file infector caused the most grief in this area) or creating a false alarm about a file known to be benign.

Virus Bulletin's VB100 tests benchmarks the performance of a vendor submitted anti-virus product against a set of malware from the WildList, a list of viruses known to be circulating. To gain VB100 certification, a security product must correctly detect all of these malware strains without blowing the whistle when scanning a batch of clean files. Vendors only get one run at passing the tests, which are conducted free of charge to security software manufacturers.

Most, but not all, of the main vendors submits products for testing. Trend Micro - which has expressed reservations about Virus Bulletin's testing methodology - is a notable dissident.

The results of the August 2009 VB100 review can be seen here (free registration required).

John Hawes, anti-malware test director at Virus Bulletin, said its biggest problem in running its most recent tests were crashes and system slowdowns.

"Many of the products in this test did prove stable, speedy and well behaved, but many others had issues far too serious to be classed as mere quirks and oddities," he said. "We experienced a large number of freezes, crashes and hangs, not just of the product interfaces or of specific scans but in many cases seeing the whole machine shutting down."

Virus Bulletin recently began assessing the reactive and proactive detection abilities of anti-virus products alongside the long-established VB100 tests. The new tests are a reflection that the malware landscape has changed radically over recent years, with greater malware volumes and targeted attacks.

Microsoft's new Forefront security scanner came out well in these proactive categories, a factor Hawes attributed to the effort Microsoft has thrown into improving the performance of its technology over recent months.

Hawes added that overall performance of security products in proactively detecting malware was "disappointingly low" in several cases (see chart here).

"We saw some particularly poor detection of emerging threats and the products in question have a lot of work to do if they are to provide acceptable protection for their customers," he said. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.