Do we really need AV? Of course we do!

Submitted by Kai on Wed, 2008-10-08 08:18.

Following my question to readers around the globe - Do we really need Antivirus solutions in 2008? - The answer is a non-surprising YES we do!

As Alan over at Stillsecure puts it:

"It is like the measles"

Alan goes straight to my point - we do not need the AV of 2001 - we need the AV of 2008. The solutions of today is a combined tool that offers virus cleaning/stripping, spam handling, malware control, IDP/IPS and so on. And these tools will continue to develop as the threats changes and evolve.

Kurt Wismer put it this way in comments, and on his blog:

"viruses are malware... non-viral malware, however, seems to be what the
cyber-crooks prefer these days... self-replication has a way of getting
out of hand and calling attention to the malware..."

Self replication has a way of ... attracting attention - exactly! So what we see today is that many malware authors try to avoid detection, and keep more control over the process of inflicting damage. And as such malware is not detected by normal AV-tools using signatures, we need tools that are able to detect threats that tries to fly below the radar. Which brings us back to Alan and the 2008-AV tools.

Andy is as usual spot on with his comment:

"I'm afraid that w/o it we would be in much worse shape overall than we currently are."

Yes, we would be much worse. It would be only a matter of time before the old jungle of virus and worms would flood the net again. It is like the measles of Alan all over again.

To summarize my take on AV anno 2008 - we still need it. We need it more than before. We need it as one of many building blocks to take care of security.

As Larko put's it:

"Would you have sex with a stranger without a condom if the media
reported that you are less likely to catch AIDS than you used to?"

I guess that some would, but that does not mean the rest of us should!