The security old guard are under attack

As the security landscape shifts, security giants need to adapt. Otherwise the industry's minnows might take over.

COMMENT Revolution has been a big theme of 2011. Not just in the political sphere, but in the tech world as well.

Indeed, the two became intertwined during the Arab spring, when social media was used as a key communications tool for the revolutionaries.

An insurrection of sorts looks set to take place in the security industry too. The two overlords of the market - Symantec and McAfee - are under attack.

The minnows of the industry are starting to get aggressive, especially in their comments about the old guard.

Over the past few months, a refrain has repeatedly cropped up in conversations with these young upstarts: the old systems don't protect against new threats.

The mighty minnows

According to Nir Zuk, founder of Palo Alto Networks, traditional vendors are still selling the same engine used to detect threats that was created nearly two decades ago.

"Anti-virus is a hoax. The engines are not working," Zuk told IT Pro.

He believes traditional AV vendors are even wasting money on ensuring their products are the default choice on PCs sold directly to consumers. What's more, they don't even seem to be gaining any financial benefit from it, he claimed.

"That's something you will not see in their results," Zuk added. "The consensus is that they will never see their money back."

Another consensus amongst these security companies is that the old database, or signature-based, system does not work, as highlighted by M86 Security recently.

They make a valid point: you can't detect zero-day threats by referring back to a database of known malware. It's just not possible. For real protection, you need systems that can identify dodgy traffic or dangerous code in real-time, or close to real-time at least.

As attacks become more targeted and are able to bypass standard AV, it becomes clear the old systems do little to prevent serious breaches.

Of course, there are some histrionics on the part of these feisty new security companies. They need to make a name for themselves and lambasting the security giants of today's world won't do them much harm. Having said that, Zuk's firm is partnered with Symantec, so take his comments with a pinch of salt. On top of that, Palo Alto uses a database itself: behind its appliances is a Webroot database. Make of that what you will.

Regardless, their comments about the flaws within the old systems are hard to deny.

The Symantec way

So what does Symantec have to say about others openly trashing the way it detects threats? Greg Day, who recently moved from McAfee to Symantec (saying his new role as EMEA CTO was "a breath of fresh air"), was convinced the claims against the number one security player were rubbish.

"The first thing is, Symantec is not purely signature dependent. We have in there signatures that we put to the client and we also make use of the cloud to gather real-time intelligence and apply smart controls in much the same kind of mentality that M86 do," Day said.

He pointed to Insight, which uses a wealth of information to determine whether a file is safe or not, such as looking at its provenance or whether it has a digital signature. That's still not a real-time model, is it? Does it not still require old information to detect a potential threat?

"I agree it's not quite real-time because it's comparing with others in the cloud but I would say that it's probably real-time plus a few seconds," was Day's response.
