Back to Top

Monday, January 11, 2010

Security vendor’s “top-threat” list proof for their less-than-perfect performance?

539560646_2a6865e8cf_o Here is something I’ve been thinking about lately: most (all?) security vendors publish their “top-threats” periodically. Those lists are made up by centralizing numbers reported by their clients. While it is safe to assume that the majority of the enumerated threats are blocked straight-away – before they can execute a single piece of code – there is a certain percentage which is after-the-fact detection (ie. the machine gets infected, a signature comes out later on at which point – if you’re lucky – the security program will block the malware).

Now I have no idea about the relative size of this subset (or if the companies have it, or how they can collect it for that matter), but I find the idea that marketing material put “out there” can backfire amusing :-).

Picture taken from tigger1fic's photostream with permission.


Post a Comment

You can use some HTML tags, such as <b>, <i>, <a>. Comments are moderated, so there will be a delay until the comment appears. However if you comment, I follow.