Classical Antivirus is dead.Long live EDR?

We recall last year’s article in WSJ  quoted executives from antivirus pioneer Symantec declaring antivirus software “dead” and stating that the company is focusing on developing technologies that attack online threats from a different angle. I also wrote about it here:   Now the new concept has a name: Endpoint Detection and Response (EDR). Kelly Jackson Higgins, an experienced editor at Dark Reading wrote this week an interesting article called “The Rebirth Of Endpoint Security” where she interviews representatives of various cybersecurity startups. “This is is clearly a pretty hot market from a VC perspective. There’s a lot of money flowing in from a lot of new startups,” says Peter Firstbrook, a vice president at Gartner. Firstbrook is tracking more than 30 vendors now in the so-called endpoint detection and response (EDR) security space, and in the past 12 months, EDR startups have raised $322 million, he says. $322mil is a lot of money, but by far not enough to reach the tipping point where these technologies would be able to replace traditional antivirus (based on signatures and heuristics) which is multi billion worth yearly. Krebs wrote also about it last year:     My opinion As also expressed in the article, I think…

No Image

Is Antivirus really dead? It depends on what you call Antivirus

Every once in a while, someone or some company in the information security industry comes up and says, “antivirus is dead.” This happened again last week, when Symantec’s Brian Dye told the Wall Street Journal that antivirus was dead and that it was no longer a “moneymaker.” Avira Security Expert and Product Manager Sorin Mustaca tells us via email: “This hardly comes as news for anyone in the security industry who’s been in the business for more than a few years. I’ve written in April 2014 in the Virus Bulletin magazine an article called ‘Is the IT security industry up to the new challenges to come?’ where I describe exactly this situation. For the past 25 years, the IT security industry has done a great job of protecting users against existing and emerging threats, in the form of files (copied, downloaded or emailed), streams of data (remember Code Red), and recently, even against common vulnerabilities in third-party software. We started with Windows, continued with MacOS and Linux, and lately we have extended the protection to mobile devices running various operating systems. Saying that the ‘Antivirus is dead’ is incomplete. The classical antivirus, the one that works only with signatures or patterns,…

%d bloggers like this: