Posted by Javi Guerrero, April 7th, 2010

It’s a known fact that security software in general, and antivirus software in particular, is always a couple of steps behind cyber-crooks. That is, malware creators usually find new ways to attack computers first, and security companies then update their products to combat the new threat.
So operating systems and applications must fix their vulnerabilities, and antivirus solutions must keep their databases up to date in order to detect the new malware that appears.

If you consider the huge number of threats that appear every day, it is easy to see the enormous effort required to keep up the fight against malware. Along these lines, Panda’s innovative developments such as TruPrevent technologies or the recent Cloud AV (the first antivirus in the world to put the concept of cloud-based protection into practice) have proved extremely effective at detecting malware. However, the fight goes on and will continue indefinitely.

Yet there is one aspect of antivirus software development that clearly shows the disadvantageous position it is in: the requirement to respect the operating system and the other installed applications in terms of stability, performance and functionality.

What does this mean? As I explained in my previous article, Antivirus, performance and security, security solutions must protect the system without affecting performance beyond what is reasonable. They must also avoid interfering with the way other applications or the operating system work, so as not to cause instability, crashes or incompatibility conflicts. This is sometimes very difficult to guarantee, given the peculiar, low-level way an antivirus product has to work.

Getting back to the topic of this post, here is an example of such a disadvantageous situation. Antivirus software in general, and some of its components in particular (such as the “on-access” detection layer), must meet certain conditions and good-practice recommendations set out by Microsoft in order to ensure the product’s reliability and quality, obtain compatibility certifications, and so on. Among other things, these rules require avoiding undocumented system functions, since they can change from one Windows version to another, or even between service packs, and so cause the incompatibility conflicts and problems described above.

Malware, of course, does not have to follow any of these rules or ‘respect’ the system and its applications, or at least not beyond what is strictly necessary to achieve its goals, since it is not a legitimate application.

The antivirus, on the other hand, must abide by those rules, and so it is at a clear disadvantage when it comes to detecting and neutralizing threats. Sometimes this makes security developers feel as if they were fighting with one hand tied behind their backs. In fact, it is very similar to real life: criminals break the law as they please, while law enforcement agencies must abide by a series of rules and laws in the process of stopping them.

If you take all these circumstances into account, the effort put in by security software developers to keep ever-increasing threats at bay is truly worth admiring.