Trend Micro's CEO says 'AV industry sucks'

This is why we need “Prevention” instead of “Detection”. Security Firms are now realizing this!


While I agree that prevention is always the key, I find her reasoning flawed in a number of ways. First of all, the fact
that there are some 5.5 million virus variants out there is not a failure of the AV industry, its a testimony to the number of malware writers out there who want to compromise our PC’s for fun and profit. And basically the nature of the threat itself.

Second, Trend micro has been in the AV business for twenty years, yet they have never gotten their act together sufficiently to run with the best of the best, which are basically AV’s from Kaspersky, NOD32, and Avira as a long standing trend. And when she sees the AV competition as coming from companies like Norton and Panda, she is in a sense seeing the competition coming from AV’s like Trend Micro, namely AV’s that use marketing to command a market share, their performance cannot justify if AV consumer’s were smart. When we look at the market share Kaspersky, NOD32, and Avira have, one must somewhat reject that old saying, if you build a better mousetrap, the world will beat a path to your door. And embrace the concept that people in general, are not very smart and will let marketing and not unbiased quality ratings influence their decisions.

Then thirdly, she starts mumbling about getting the viruses and trojans while they are up in the clouds, which I assume means getting them as they are being passed mindlessly from server to server on the internet, and intercepting them long before they reach the end user. Actually not a bad idea, but its certainly not, IMHO, implementable on a single AV company basis. If all AV companies work together, it might be an good idea.

I think that strong AV’s at the internet service provider could be a good step forward… People would pay for that.

Not disagree with the fact that the Kyle idea is good, but that was tried by quite a few ISP’s in the past and its somewhat a dying trend. My ISP used to screen incoming email but dropped it, partly because they had to charge more for the service.

Prevention as your first line of defense will protect you against more threats than Detection, period!

So what will you choose?

Of course you need a layered security architecture, but we have to stop selling half-baked detection technologies that half-protects the users (or less than half according to stats).


Speaking of VirusTotal, you should submit CAVS3 to them to be used as part of the grouping. Then you can see how it stands up against others, like submit a file know to be infected and see if CAVS3 detects it and if others do as well. :stuck_out_tongue: Might be helpful.

Sure, we will.