AV Software Isn't Dead, But It's Not Healthy

dasButcher writes "Is a conventional signature-based antivirus technology dead? Trend Micro CEO Eva Chen says no, but more is needed. Her answer: reputational analysis. Not a bad idea, but many have tried and failed to make this type of approach work. We've seen it all before: RBLs, integrity grading, etc. What will make this different? If we're not careful, Trend Micro might give us all a bad Web reputation. "

This is why reliance on AV software is dangerous

[Alioth]

Funnily enough, I just wrote about this:

http://slashdot.org/~Alioth/journal/167405 - includes a link to a major study of a piece of malware which went undetected by the AV companies for months.

Or just go to http://www.secureworks.com/research/threats/gozi/ if you don't want to read my crap.

I've personally witnessed two malware infections where the malware arrived up to a week before the AV companies had updated their definitions.