Antivirus Software Overview
What is Antivirus Software?
Antivirus software is a program or set of programs that prevents, searches for, detects, and removes software viruses and other malicious software.
As the threats multiply and new viruses are created, virus software tools have to be constantly updated to keep ahead of new malware threats.
The threat has expanded greatly beyond just computer viruses. There is now a large number of different types of malware. This includes browser hijackers, ransomware, trojan horses, worms, adware and spyware, and other threats like spam and phishing attacks. To address the growing range of threats, many vendors are bundling their antivirus offerings with other security features to create comprehensive security packages across company sizes.
How Threat Detection Works
There are several different methods that an antivirus engine uses to detect threats, including:
Signature-based detection, where a threat is compared to a database of known malware signatures
Heuristic detection, based on analysis of characteristics often used in malware
Data mining approaches
Most tools function in a similar manner, by scanning files or directories for malware or malicious patterns. Scans can be scheduled, and scans of specific files can be initiated at will. Antivirus tools also remove any malicious code and clean up anything that requires attention after the virus has been removed.
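The following added example (not code from any antivirus product) shows how signature-based and heuristic detection complement each other: a changed copy of a known sample no longer matches its hash signature but is still flagged by its characteristics. The sample bytes, the signature name, the trait weights and the thresholds are all constructed assumptions.

```python
import hashlib
import math
from collections import Counter

# Constructed, harmless stand-in for a known malicious file.
KNOWN_BAD = b"constructed-sample-known-bad-payload"
# Signature database: SHA-256 of known samples -> detection name (hypothetical).
SIGNATURE_DB = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Sample.Known.A"}
# Heuristic traits: strings often weighted by scanners; weights are assumptions.
TRAITS = {b"CreateRemoteThread": 3, b"VirtualAllocEx": 2, b"WriteProcessMemory": 2}
ENTROPY_LIMIT = 7.2  # assumed cut-off; packed or encrypted data approaches 8.0

def entropy(data):
    """Shannon entropy in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def signature_match(data):
    """Exact lookup: any change to the file changes the hash."""
    return SIGNATURE_DB.get(hashlib.sha256(data).hexdigest())

def heuristic_score(data):
    """Sum the weights of every trait present, plus 3 for high entropy."""
    score = sum(w for trait, w in TRAITS.items() if trait in data)
    return score + (3 if entropy(data) > ENTROPY_LIMIT else 0)

def scan(data, threshold=4):
    """Try the signature first, then fall back to the heuristic score."""
    name = signature_match(data)
    if name:
        return ("signature", name)
    score = heuristic_score(data)
    return ("heuristic", score) if score >= threshold else ("clean", score)

# Constructed test inputs.
VARIANT = KNOWN_BAD + b"! CreateRemoteThread WriteProcessMemory"
BENIGN = b"quarterly report text"
RANDOM_LOOKING = bytes(range(256)) * 4  # high entropy, no other trait

if __name__ == "__main__":
    for label, blob in [("known", KNOWN_BAD), ("variant", VARIANT),
                        ("benign", BENIGN), ("random", RANDOM_LOOKING)]:
        print(label, scan(blob))
```

The high-entropy input scores below the threshold on its own, which is why heuristic engines combine several weak signals rather than alerting on one.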
Antivirus Software Features & Capabilities
Malware detection and removal
Automatic Virus Updates
Antivirus Software Comparison
To compare different antivirus products, consider these aspects of the software:
Types of detection offered: there are a variety of methods to detect and block malware. Some of the most popular methods include signature-based detection, which catches malware from a preestablished list, as well as watching for predetermined signals that content may be malware. More niche methods include sandboxing, which tricks malware into activating outside your network, and data mining. While most antivirus software covers the main methods, some more specialized users, such as service providers, may require extra detection methods.
Security Suite vs. Standalone: While there are some standalone antivirus offerings, most antivirus capabilities are components of broader Endpoint Protection or Security software packages. Very small businesses or contractors may only need standalone antivirus, but most SMBs, and all enterprises, will require broader endpoint security features like firewalls, Endpoint Detection and Response, and Data Loss Prevention.
Ease of Management: Antivirus software varies in the amount of management and user interaction it requires. Some products are fully automated and vendor-managed, while others allow, or require, more user input and interaction. If an organization does not have a dedicated IT team, or has a team of one, it will be more important to use a product that requires minimal maintenance post-implementation. Reviewer feedback will provide a gauge of how much long-term management a given antivirus software will require.
Free antivirus software is usually designed for personal use and lacks many of the more developed features tailored for business use. Pricing for business-level antivirus software is usually per device per year, and prices vary from $20-30 to several hundred dollars, depending on the number of devices supported. Some vendors also offer different pricing tiers depending on the specific services and capabilities offered to each license seat.