Next generation antivirus: the future of malware protection or marketing hype?

[harlan4096]

If you have even a passing interest in malware or technology in general, you might have heard the term “next generation antivirus” (or “nextgen AV” or “NGAV”) being thrown around.

Understandably, there’s quite a bit of confusion about what nextgen AV actually is and how it differs from traditional antivirus software.

In today’s post, we’re going to weigh in with our opinion on the nextgen antivirus debate and give you some insight to help you make a more informed decision about your antivirus software.

What’s the difference between traditional AV and NGAV?

Interestingly, there’s no single definition for nextgen AV. To some, the term is used to describe endpoint security products that use innovative technologies to provide better protection against a wider range of threats. To others, it’s little more than promotional mumbo-jumbo, buzzwords marketers have dreamed up to sell what is otherwise just plain, old, unsexy antivirus software.

Here’s our take on the matter:

Traditional antivirus

For the sake of this article, we’ll define traditional AV as antivirus software that uses signature checking and heuristic analysis.

What exactly does that mean? Well, in the early days, antivirus software relied heavily on signature checkers that could detect malware by cross-referencing files with a database of known threats. It was a simple system, but adequate to deal with the rudimentary malware that were floating around.

However, as malware grew more advanced and the volume of new malware being released to the world skyrocketed, signature checkers steadily became less effective. In response, many antivirus vendors started using heuristics and behavioral-based protection to detect suspicious characteristics and stop new threats – even those that had never been seen before.

For a while, these two systems combined allowed many antivirus vendors to provide reasonably good malware protection. However, the world of malware is rarely static. In a bid to keep pace with rapidly evolving malware, antivirus companies have introduced various new and innovative technologies that are designed to provide a more holistic solution. This has ushered in the era of nextgen AV.

Nextgen antivirus

What exactly is nextgen AV? Much like traditional AV, there’s no clear-cut definition, but it’s generally accepted that nextgen AV takes a more proactive and system-centric approach to malware, with the aim of providing superior protection against a wider range of threats.

In addition to malware signatures and heuristic analysis, many nextgen AVs use technology such as:

* Machine learning: AV companies can harness the power of AI and machine learning to improve protection capabilities in many different ways.
* Cloud scanning: NGAV takes a more holistic approach to security by using the cloud to identify threats. NGAV checks the system for irregularities, the presence of new apps and any unusual actions. It then verifies those things in the cloud using a massive database of programs and related behaviors.
* Automated remediation: The ability to identify and resolve issues without user input.
* Forensics: Collects and presents a large set of data that can be used to identify what happened before and after an event (e.g. a malware infection) took place.
* Usability: Nextgen AV is designed to provide a better user experience than traditional antivirus.

Looking at these differences, it certainly appears that nextgen AV has a leg-up on traditional AV. Unfortunately, there’s just one problem…

Continue Reading