Security blogger Dancho Danchev brings up several good points in his blog post triggered by Commtouch’s new Malware Outbreak Center.
I agree that without traditional AV in place, most companies would be exposed to many “in the wild” viruses like Netsky. It’s plain irresponsible to not have protection in place for the daily bombardment of these and other malware that have been around for years. However, bear in mind that malware writers are still mutating these viruses into new variants, many of which penetrate some AV engines, so traditional AV is not necessarily enough.
I also agree that sharing samples among AV vendors is better for the world at large; however, commercial considerations can sometimes put a damper on a company’s altruistic motives. So our little contribution to saving the world from viruses is to share our zero-hour samples with our licensing partners, several of which are AV vendors. This way they are among the first to receive a particular sample in their lab and can start tearing it apart and analyzing the binary code before some other AV vendors have even encountered it in their honeypots.