The security old guard are under attack

As the security landscape shifts, security giants need to adapt. Otherwise the industry's minnows might take over.

COMMENT Revolution has been a big theme of 2011. Not just in the political sphere, but in the tech world as well.

Indeed, the two became intertwined during the Arab spring, when social media was used as a key communications tool for the revolutionaries.

An insurrection of sorts looks set to take place in the security industry too. The two overlords of the market - Symantec and McAfee - are under attack.


The minnows of the industry are starting to get aggressive, especially in their comments about the old guard.

Over the past few months, a refrain has repeatedly cropped up in conversations with these young upstarts: the old systems don't protect against new threats.

The mighty minnows

According to Nir Zuk, founder of Palo Alto Networks, traditional vendors are still selling the same threat-detection engine that was created nearly two decades ago.

"Anti-virus is a hoax. The engines are not working," Zuk told IT Pro.

He believes traditional AV vendors are even wasting money on ensuring their products are the default choice on PCs sold directly to consumers. What's more, they don't even seem to be gaining any financial benefit from it, he claimed.


"That's something you will not see in their results," Zuk added. "The consensus is that they will never see their money back."


Another consensus amongst these security companies is that the old database, or signature-based, system does not work, as M86 Security highlighted recently.

They make a valid point: you can't detect zero-day threats by referring back to a database of known malware. It's just not possible. For real protection, you need systems that can identify dodgy traffic or dangerous code in real-time, or close to real-time at least.

As attacks become more targeted and are able to bypass standard AV, it becomes clear the old systems do little to prevent serious breaches.

Of course, there are some histrionics on the part of these feisty new security companies. They need to make a name for themselves, and lambasting the security giants of today's world won't do them much harm. Having said that, Zuk's firm is partnered with Symantec, so take his comments with a pinch of salt. On top of that, Palo Alto uses a database itself: behind its appliances is a Webroot database. Make of that what you will.

Regardless, their comments about the flaws within the old systems are hard to deny.

The Symantec way

So what does Symantec have to say about others openly trashing the way it detects threats? Greg Day, who recently moved from McAfee to Symantec (saying his new role as EMEA CTO was "a breath of fresh air"), was convinced the claims against the number one security player were rubbish.

"The first thing is, Symantec is not purely signature dependent. We have in there signatures that we put to the client and we also make use of the cloud to gather real-time intelligence and apply smart controls in much the same kind of mentality that M86 do," Day said.

He pointed to Insight, which uses a wealth of information to determine whether a file is safe or not, such as looking at its provenance or whether it has a digital signature. That's still not a real-time model, is it? Does it not still require old information to detect a potential threat?

"I agree it's not quite real-time because it's comparing with others in the cloud but I would say that it's probably real-time plus a few seconds," was Day's response.
