A recent study and presentation at USENIX is making some waves in the AV world as the researchers claim their CloudAV is 35% more effective than tradition AV (note the slight abuse of statistical data there - 35% more effective means AV is at 73% and CloudAV is at 88%). I don't dispute their stats, but my question is...so?
While CloudAV (essentially 12 AV products combined) is more effective than a single AV, their are some serious logic flaws in thinking CloudAV is going to protect the end user. In fact, if a company went 100% to CloudAV, I would guess they would get owned rather quickly.
First, CloudAV assumes all files will pass through their network - what about sneaker-net?
Third, 88% effective still leaves a lot of room for malware. Or to put it another way, would you play Russian roulette with a 1/10 chance of losing?
So, while I applaude the idea and the thought process...there are some huge holes that need to be addressed before CloudAV ever protects my PC. I'll stick to my virtual machine + snapshots solution!
I should mention that I am part of the Airscanner crew, who does offer AV - along with numerous other security products...so, perhaps I am a bit biased? That said, I am also more informed than the average consumer.
Take advantage of special member promotions, everyday discounts, quick access to saved content, and more! Join Today.
Cisco Firepower Threat Defense (FTD): Configuration and Troubleshooting Best Practices for the Next-Generation Firewall (NGFW), Next-Generation Intrusion Prevention System (NGIPS), and Advanced Malware Protection (AMP)