I read this post at another forum. Is that true? Best Regards.
???
"Anti-Virus Is Dead, D-E-A-D, Dead!
Outgoing Gartner analyst Amrit Williams is leaving with a bang, boldly declaring that stand-alone, signature-based anti-virus is dead.
Williams, who is giving up his analyst hat and joining BigFix as chief technical officer (that’s triggered a whole different debate), also argues that the stand-alone anti-spyware market is kaput too, “If it even existed!”
In a blog entry that will surely raise hackles in some quarters, Williams argues that signature-based AV isn’t protecting anyone anymore and certainly wasn’t providing any protection against spyware, rootkits and the other nastier threats that have popped up recently.
“It didn’t stop Blaster, or Sasser, or Slammer, it did nothing to help Choicepoint, or the VA or the orgy of disclosure we have all become numb too. It was running happily along, updated and content on my mom’s machine when it turns out her Windows XP box was infected with some pretty nasty bits,” Williams wrote.
This is the security industry’s worst-kept secret, of course. For me, the Sony BMG rootkit drama was the final nail in the AV coffin. That episode wasn’t so much about copy protection or Sony’s greed. It was about the rank incompetence of the anti-virus sector.
The spyware guys are having a field day playing – and winning – cat-and-mouse with AV vendors. Quick spam run with a new Trojan; sit back and watch the AV guys scramble to ship signatures; tweak the code, send another spam run, watch and giggle as another round of .DAT files get built; repeat, rinse, dry.
By the time the AV vendors send out their gushy press releases hailing another blocked virus, the botnets are replenished and the cycle repeats itself next month.
This is why I’m happy to see Williams boldly bring the discussion out in the open, exposing the limited to nonexistent way in which stand-alone anti-spyware deals with bots and rootkits.
So what happens next? Williams predicts:
"Well AV becomes part of a converged security client, offering multiple capabilities including anti-spyware, personal firewall, and intrusion prevention as the foundation. Of course this has already begun and the AV guys are shoving more and more technologies onto the desktop, including data leak prevention, end-point policy enforcement, patch and configuration management. They bundle it under some uber-agent, while the individual executables are fighting to claim your system resources. They offer some half-baked management console, slap a new coat of paint on some recent acquisitions, and complain anytime Microsoft attempts to improve their security if it in anyway affects their sacred AV cash cow."
He’s absolutely right when he says that enterprises invest and deploy AV “more out of a sense of fear than because they believe it is offering value.” In many ways, you could make the argument that it borders on extortion, the way we feel we need to buy protection that doesn’t – and won’t exist – in anti-virus software.
“By the end of 2007 stand-alone AV will be dead, d-e-a-d, dead! Organizations need to evolve their client security programs or expect to see increased costs as the number of agents continues to rise,” Williams declared.
Amen to that.
For more IT related content on the blogosphere, check out www.ithub.com
Posted by Ryan Naraine on December 1, 2006 2:47 PM"