InfoWorld - Security Adviser: To detect 100 percent of malware, try whitelisting 'lite'
Few want to live with whitelisting's overhead and restrictions -- so run it in audit mode to detect all malware coming your way
By Roger A. Grimes
DECEMBER 31, 2013
Every antimalware scanner claims to catch 99 to 100 percent of malware. But how can that be true? If it were, our computers wouldn't get infected nearly as much as they do, and the antimalware industry would have roundly defeated its malicious foes by now.
Tests against real-world malware show that, over time, even the best scanners miss a significant portion of the total. That's understandable. There are nearly 180 million malware programs, and more than 200,000 new malicious programs are produced every day, according to AV-Test. Plus, malware writers usually test their creations using aggregated virus testing services, such as VirusTotal, which throws malware at dozens of antivirus engines at once. Many malware writers even sell their programs with money-back guarantees against detection.
Let's be generous and accept that an antimalware product's claim that it can stop 99.9 percent of malware is accurate. That's still 200 malware programs per day that aren't being detected.
How do you stop malware when so much of it is seemingly undetectable? Two words: Use whitelisting.