Lastline Labs shares a year-long study of AV effectiveness. The study notes that AV protection is essential, but it isn’t always timely in detecting the latest threats.
QUOTE: Much has been said in recent weeks about the state of AV technology. To add facts to the debate, Lastline Labs malware researchers studied hundreds of thousands of pieces of malware they detected for 365 days from May 2013 to May 2014, testing new malware against the 47 vendors featured in VirusTotal to determine which caught the malware samples, and how quickly. Some other interesting findings of this Lastline Labs research:
1. On Day 0, only 51% of AV scanners detected new malware samples
2. When none of the AV scanners detected a malware sample on the first day, it took an average of two days for at least one AV scanner to detect it
3. After two weeks, there was a notable bump in detection rates (up to 61%), indicating a common lag time for AV vendors
4. Over the course of 365 days, no single AV scanner had a perfect day – a day in which it caught every new malware sample
5. After a year, there are samples that 10% of the scanners still do not detect