On Mon, January 18, 2016 09:38, Dennis Peterson wrote: > To expect an individual vendor to be as effective as the pool is idiocy. fail, because one system relies only on one vendor > If it were possible the pool would be unnecessary. fail, because this should only be a opinion of 3rd party and not a consulting mechanism at a regular basis, because of antivirus failure ...
> Because VirusTotal consults all of them they have greater opportunity of > returning a hit than any single vendor and that artificially makes them > look more effective. depend on how you interpret this: https://www.virustotal.com/en/file/9bca9c9581182d3d6ed015179a12f68c94fa21b11cb3ef98a16265cd70fd7032/analysis/1453098213/ in case you interpret this to be a threat found by one vendor you are right; if you think, that this could be also a false positive by one vendor you are wrong; > There will ALWAYS be a disparity among antivirus vendors > regarding signatures for a particular threat. right, and this says something about the quality of a antivirus vendor; > Malware will always arrive faster than a response can be launched and > these threats don't land in the queue of all the vendors at the same > time. this is right, but weeks or months after the first occurence of specific malware every antivirus vendor should detect this; _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
