
Summary Bullets:
- Antimalware innovators are increasingly successful in pitching their endpoint alternatives as supplemental to incumbent AV products.
- This raises the question: why continue to pay premium prices for less effective, traditional protection?
Yet another study recently claimed that anti-virus products fail to detect 60% of the malware in the wild, according to the Security Engineering Research Team (SERT) at Solutionary, a managed security services provider. Those kinds of statistics hardly raise eyebrows anymore, but large enterprises continue to pay premium prices for their endpoint protection. This is not to say that the large anti-malware providers aren’t trying to adapt to the changing threat landscape, but they are slow to innovate and are taking baby steps to move beyond the broken signature-based approach to malware protection, in which each new piece of malware and each of its variants must be identified and a signature created for endpoint-based scanners to identify it.
This has given rise to a new crop of vendors that are bringing real innovations to the fight, and many of those—including Sourcefire with its FireAMP advanced malware protection product—are wisely pitching their products as a supplement to existing endpoint protection already in place in most enterprises. A new startup called Bromium, led by former Citrix executive Simon Crosby, is also taking a very innovative approach to plugging the holes left by traditional AV products by using specialized virtualization technology.
Compliance may be the primary reason enterprises continue to pay the big bucks to well-entrenched, traditional AV vendors. But this can’t last – as more enterprises evaluate these supplemental endpoint protection products, they have to wonder what in the world they’re paying for. And as they approach the end of their maintenance contract periods, they should be prepared to argue the case for lower prices. Why would you pay the same or more money for a product that’s not as effective as it used to be? And if the supplier isn’t willing to accept lower prices, why not just go with freeware such as Microsoft’s Security Essentials supplemented with these more innovative products?
This may be a bit of a leap for some. Recent accuracy testing by the UK-based Dennis Technology Labs found that Microsoft Security Essentials was compromised by 15% of the threats the lab threw at the AV products in this round of testing. It would be interesting to see how the new advanced malware protection products fare when coupled with such freeware. But for the enterprise, that strategy would address the compliance mandate at a much lower cost while still getting coverage for both old-style and more advanced malware.