An interesting 0-Day Comparing Anti-Virus Solutions

Comparing anti-virus solutions is something many organizations will (should) do to ensure their security choices still work. While researching DrWeb’s work on the Flashback.K malware, I stumbled on this chart (see below). It uses data from Shadowserver.org (http://www.shadowserver.org/wiki/pmwiki.php/Stats/VirusDailyStats) to compare malware packages. Interesting POV that is worth watching over time to see if it is of value. What do you use to compare your anti-virus solutions (use the comments section to reply)?

Update: Shadowserver.org still maintains data on the effectiveness of anti-virus. The results can be found on their Virus Page: https://www.shadowserver.org/wiki/pmwiki.php/AV/Viruses

If you have an autonomous system (ASN), it is strongly recommended to sign up for the daily Shadowserver reports:

Shadowserver’s Get Reports on your Network – https://www.shadowserver.org/wiki/pmwiki.php/Involve/GetReportsOnYourNetwork

These reports provide a free “outside in” view of what the security community sees in your network. For example, in 2008, while at a major operator, I got a Shadowserver report that I had 19 systems infected with a Mbroot infection and beaconing out to a C&C monitored by Shadowserver. None of my security tools nor anti-virus spotted the Mbroot infections. Major damage was mitigated, all from a free email report from Shadowserver.

Need Security Advice?

If you find your organization needs help and worry about the FUD from the industry, reach out and ask for help. You can reach me at bgreene@senki.org. Start with the Operator’s Security Toolkit. It is the no-nonsense security for all Operators. It provides details to help them build more security resilient networks. In the meantime, stay connected to the Senki Community to get updates on new empowerment and security insights.