Panda Takes Pause to Reconsider AV

Panda Security is doing something interesting, publicly scrutinizing the viability of its own anti-virus technologies (and those of its rivals to an even greater extent I'd bet) in an upcoming Webcast.

But it's clearly a discussion worth having.

This week at the Black Hat Security 2008 conference in Las Vegas, and its sister Defcon show, some of the smartest and most creative people in the vulnerability and IT security research business will show off a wild array of methods they've created (or at least deduced) to circumvent traditional on-premises anti-virus and systems defense mechanisms.

For a while now, even the largest "AV" vendors—including Symantec—have admitted that traditional malware defense systems aren't catching quite a few of the attacks, particularly those designed with newer techniques, such as short-run targeted threats that cut at vendors' abilities to establish attack patterns.

Whether it's stronger behavior monitoring tools or whitelisting, or more likely some combination of both, the answer to what it is that will eventually replace today's ubiquitous signature-based technologies isn't completely clear. And pretty much everyone in the space admits it, with most vendors preaching layers of different defenses aimed at thwarting all the various attacks.

"The technology behind anti-virus today is highly inefficient when it comes to protecting against modernized threats," Panda said in a press release announcing the event. "This is fueled by the fact that vendors simply can't keep up with all of the new malware surfacing each and every day. The situation has created a breakdown in the quality and effectiveness of their underlying core technology."