Study Finds Antivirus Software Ineffective

A study commissioned by Imperva found that it took up to three weeks for the best-performing antivirus solutions to begin detecting malware.

by / December 4, 2012

Antivirus software is a waste of time and money for the enterprise, according to a new study described in a recent article on NetworkWorld. Conducted by the University of Tel Aviv for data security company Imperva, the study found that antivirus software was largely ineffective at detecting malware and recommended a retooling of security protocols.

"To be clear, we don't recommend eliminating antivirus,” the report states. “We do, however, recommend rebalancing and modernizing security spend to meet today's threats.”

The team that conducted the study passed 82 malware files through an online malware-checking system that tests the files using about 40 antivirus programs. The initial results found a detection rate of zero. The team repeated the test over several weeks to see if detection improved over time. While improvement was found, the best performing products took at least three weeks to detect many of the malware files.

"Enterprise security has drawn an imaginary line with its anti-virus solutions, but the reality is that every single newly created virus subverts these solutions without challenge," Imperva CTO Amichai Shulman said. "We cannot continue to invest billions of dollars into anti-virus solutions that provide the illusion of security, especially when freeware solutions outperform paid subscriptions."