• Paul Isaacson

Security Software - Choosing what product works best for you?

Updated: Apr 20

The Story

I often get asked by consumers which antivirus is best...


The Short Answer:

There isn't one


The Long Answer:

There are several independent groups who, without bias, perform an in depth look at Anti-Virus / Security-Suite companies. One particular company which we will focus on today is AV Comparative. You can visit their webpage and look at their results and awards.

Unbiased Testing

In my opinion, for an Anti-Virus Company to be considered as viable they need to agree to independent companies putting their software to the test. You may notice from the list below some largely well-known AV Vendors are not included, I'm namely pointing my finger at Norton...

Symantec (Commonly known as Norton) has not been test by AV Comparative since 2012. A response from Norton is quoted below:

"Symantec has long been an advocate of independent “whole product” or “real-world” tests that most closely represent the interests of consumers and utilize all of the proactive technologies provided with a product, as opposed to “static” tests that only test an individual component. Currently AV-Comparatives does not offer a subscription focused solely on these “whole product” or “real-world” types of tests. At this time, Symantec has chosen not to subscribe to AV-Comparatives’ testing program for 2012. Our philosophy is to participate in tests that have high relevance and meaning for consumers, and most accurately align with their real-world need for comprehensive protection and machine cleanup from evolving online threats. We will continue to seek out and participate in a range of tests that meet these standards to measure our products’ efficacy and performance."

Symantec instead decided to go with AV-Test.org where they commissioned (A commission is also an order for someone to do something and get paid) AV-Test to perform Real World and Whole Product Tests. Ironically over the past three years the company has received lower detection rates and lower performance rates than other competitions but still was awarded with a "Top Product"...

2014 Link, 2015 Link, 2016 Link

I personally do not hold an "independent company" opinions to be unbiased when they receive money from a vendor to perform a test.

With that being said, I'm not saying I don't like Norton, if it has worked for you for years and years then stick with it. But I bet if you continue reading you'll probably switch to another vendor.

Detection Rates

Moving on we will look at AV-Comparative's Tests for June 2016 (Full Mark Up and Description)

"The results are based on the test set of 355 live test cases (malicious URLs found in the field), consisting of working exploits (i.e. drive-by downloads) and URLs pointing directly to malware. Thus exactly the same infection vectors are used as a typical user would experience in everyday life. The test-cases used cover a wide range of current malicious sites and provide insights into the protection given by the various products (using all their protection features) while surfing the web."

The colors used in the chart above are pretty self explanatory, green is good, red is bad. The yellow portion were threats identified but relied on the end user to decide how to proceed, which in many cases can be a dangerous option for those users who state they are not "tech savvy". The yellow line is somewhat difficult to explain, but are items deemed by the Anti-Virus engine to be dangerous when in fact were harmless. In our field we refer to these as False Positives, in other words, something detected as a threat when in reality it is harmless. This often happens with programs that are lower budget or may not be used largely by the group base. For example if 100 "Insert Vendor Name Here" users have a program called Glasswire.exe then "Insert Vendor Name Here" will likely deem the file safe because "everyone has it". However if only 5 of the 100 users have a program called Glasswire.exe then "Insert Vendor Name Here" may mark it as suspicious and inadvertently block or remove it. This is the principle of user based detection where "Insert Vendor Name Here" monitors and reports every file you open on your computer. Yes... most Anti-Virus companies offer (by default) to spying on your computer usage to help identify threats and protect their other users. I personally opt out of these programs namely for pure privacy principles. I have nothing to hide, but I still don't want you prying into my every move.


Performance

The next item used to determine the strength of an Anti-Virus is how it effects your overall system performance. Sure everyone wants an Anti-Virus that protects you from everything, but when it makes your computer slow down by 50% is it worth it? In most cases.... No

Third Party Vulnerabilities

Another important variable is choosing a security suite that scans your system for third party software (i.e. Google Chrome, Adobe Reader, Apple TV, Java, MS Office, Open Office, CCleaner, etc.). Third Party Software often contains mistakes in the programming codes which hackers use as exploits to gain access to a machine and infect it. In fact third-party software, not Microsoft or Apple, is blamed for 76% of vulnerabilities on average household computer. Sure there are stand-alone tools that can be used to perform these checks, but why not have one tools that does it all.

Full Link Here

Below is a list of vendors who offer Third Party Software Update feature:

  • Avast Premier

  • Kaspersky Internet Security

  • Trend Micro Maximum Security

If you're not interested in incorporating this feature with your Anti-Virus we recommend Secunia Personal Software Inspector, commonly referred to as Secunia PSI. You will need to provide your e-mail address and full name to download this software.

We will write a blog about this application at a later date

(Link to Secunia PSI Blog from Bringing Your Tech to Life to come at a later date)

Compatibility with Devices/Platforms

With the magnitude of mobile Internet devices we use, it is important to not only protect your personal computer, but also your other devices. These items can include Android Tablets, Apple iPads, Android Smart Phones, or Apple iPhones. It is important when deciding what software to purchase to make sure it can also protect your mobile devices as well.

Below is a list of vendors who offer this feature:

If a hyper link is not available for a feature, then at the time of this writing no such feature exists for the platform.

Cost & Affordability

Another item I use is based solely on value. Money doesn't grow on trees so the saying goes. Everyone wants the best product for the best price. Often times you can get a better value by protecting multiple devices rather than buying individual licenses. In addition many companies offer a discount when purchasing for multiple years.