Hi, On Tue, Jun 20, 2017 at 4:13 AM, Marc Stürmer <[email protected]> wrote: > Zitat von Alex <[email protected]>: > >> We all have clamav+sanesecurity, but what others are people using? >> Sophos is horrible. Hardly worth it. It doesn't scan for nearly any of >> the popular vectors now. > > The truth is that all virus scanners do suck equally at preventing the > spread of new viruses at all. Because when a new wave hits the fan, the > antivirus companies first need to update their signature databases and then > you still need to download the update, which gives the bad guys plenty of > time to spread their unholy stuff like wild fire.
This is true to an extent, but many virus vendors are now creating different categories of service - separating virus scanning from malware scanning and phishing protection. For example, the virus scanner that's available from Sophos for use with Linux is extremely basic and only covers things like exe viruses and not phishing attacks or even malicious PDFs. Virus scanners are mostly reactive, but not entirely. The other differentiator is the breadth of networks they have to capture the zero-days the fastest and get it out to their customers.
