
What is the future of antivirus or antimalware software?

Antivirus software has become antimalware software, and as such it has become more popular than ever. However, to address future threats it will have to evolve to encompass distributed and multi-tiered deployment from the "cloud" to the endpoint.

The antivirus software industry is dead and has been for quite some time, and the antimalware software industry it has become is struggling to keep pace with the technology, sophistication and motivation of attackers and their methodologies.

Host-based, signature-driven technologies are outdated and for the most part abandoned as a viable long-term strategy by most vendors. Polymorphic or adaptive malware simply obfuscates or prevents signature detection outright, and where the solutions are positioned becomes equally problematic given the attack vectors and propagation techniques used.

Future antimalware software solutions will be based upon a distributed and multi-tiered deployment from the "cloud" to the endpoint. This means that telemetry and behavioral analytics are exchanged between all elements of the collective "network" of communities of interest to provide both detective and preventative capabilities.

Intelligent monitoring and correlation across not only antimalware software platforms, but any and all networked elements, will be critical in the evolution of detecting, isolating and mitigating the onslaught. Further, as attacks become more targeted and focused on not only the exploitation but also the extraction of information, decisions on content in context will also be required.

Ultimately, this telemetry will be gathered, normalized and shared collectively amongst participants and vendor pools in what Yankee Group analyst Andy Jaquith calls "the herd."

The precursor to the evolution of this sort of advanced distributed sensor network is the honeynet, which gathers data on the attack methodologies and vectors used by attackers; this information is then used to shore up defenses accordingly.

This was first published in April 2008
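
An added example, not part of the original answer: a minimal sketch of the "herd" idea, normalizing telemetry from two sensor types and correlating it across participants by behavior rather than by file hash. The feed formats, field names, organization names and hash values are constructed assumptions for illustration.

```python
import json
from collections import defaultdict

# Constructed sample telemetry; formats and field names are assumptions.
ENDPOINT_EVENTS = [  # JSON lines from a hypothetical endpoint agent
    '{"org": "org-a", "host": "ws-17", "sha256": "aa11", "behaviors": ["autorun_persist", "bulk_file_read"]}',
    '{"org": "org-b", "host": "ws-03", "sha256": "bb22", "behaviors": ["bulk_file_read", "autorun_persist"]}',
    '{"org": "org-b", "host": "ws-09", "sha256": "cc33", "behaviors": ["print_spool"]}',
]
NETWORK_EVENTS = [  # pipe-delimited lines from a hypothetical network sensor
    "org-c|gw-1|dd44|AUTORUN_PERSIST,BULK_FILE_READ",
    "org-a|gw-2|ee55|dns_lookup",
]

def normalize(endpoint_lines, network_lines):
    """Map both feed formats onto one record: (participant, file hash, behavior set)."""
    records = []
    for line in endpoint_lines:
        ev = json.loads(line)
        records.append((ev["org"], ev["sha256"], frozenset(b.lower() for b in ev["behaviors"])))
    for line in network_lines:
        org, _sensor, digest, behaviors = line.split("|")
        records.append((org, digest, frozenset(b.lower() for b in behaviors.split(","))))
    return records

def herd_verdicts(records, min_participants=3):
    """Behavior profiles reported by at least min_participants distinct participants."""
    seen_by, hashes = defaultdict(set), defaultdict(set)
    for org, digest, profile in records:
        seen_by[profile].add(org)
        hashes[profile].add(digest)
    return {p: sorted(hashes[p]) for p, orgs in seen_by.items() if len(orgs) >= min_participants}

def hash_only_verdicts(records, min_participants=3):
    """Same threshold keyed on file hash alone, as a shared signature feed would be."""
    seen_by = defaultdict(set)
    for org, digest, _profile in records:
        seen_by[digest].add(org)
    return sorted(d for d, orgs in seen_by.items() if len(orgs) >= min_participants)

if __name__ == "__main__":
    recs = normalize(ENDPOINT_EVENTS, NETWORK_EVENTS)
    print("hash-keyed:", hash_only_verdicts(recs))
    for profile, digests in herd_verdicts(recs).items():
        print("behavior-keyed:", sorted(profile), "hashes:", digests)
```

In the constructed data every participant sees a different hash, so hash-keyed sharing flags nothing, while the behavior-keyed correlation groups the three variants into one shared verdict.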
