"To be clear, we don't recommend eliminating antivirus,” the report states. “We do, however, recommend rebalancing and modernizing security spend to meet today's threats.”
The team that conducted the study passed 82 malware files through an online malware-checking system that tests the files using about 40 antivirus programs. The initial results found a detection rate of zero. The team repeated the test over several weeks to see if detection improved over time. While improvement was found, the best performing products took at least three weeks to detect many of the malware files.
"Enterprise security has drawn an imaginary line with its anti-virus solutions, but the reality is that every single newly created virus subverts these solutions without challenge," Imperva CTO Amichai Shulman said. "We cannot continue to invest billions of dollars into anti-virus solutions that provide the illusion of security, especially when freeware solutions outperform paid subscriptions."