Independent Security Evaluators Test Discovers Most Anti-Virus Products Are Ill-equipped to Stop New Hacker Attacks
June 2007 Independent Security Evaluators (ISE) recently completed a study of major security vendors’ ability to detect malware variants. The purpose was to evaluate the performance of various vendor products at blocking these common threats. Using well-known viruses and tools to make slight modifications, the group created a body of approximately 4,300 malware variants and tested them on eight anti-virus products.
“We found that overall [Avinti’s] iSolation Server was the most effective of the products we tested at discovering non-standard malware variants. Many of the other products in our tests were substantially less effective, allowing significant majorities of our malware corpus to pass undetected.” Taken from ISE Comparative Test Results study, May 18, 2007.
The study demonstrated that the majority of e-mail gateway products tested failed to detect and stop malware variants that were used. The methodology and tools used for the test are similar to those commonly used by hackers to bypass enterprise malware products.
The ISE test determined that Avinti’s iSolation Server™ generally outperformed other solutions with a catch rate of 98.8% and that only two vendors, Avinti and Symantec, stopped greater than 90 percent of all malware variant instances used in the study. Other vendors total catch rates for all malware tested ranged from 53% to 11%.
