Comments on: Secunia exploits security suites flaws

A nontraditional test using exploits instead of malware shows that traditional security suites fail.

[goodspeed8701]

This is a good reason why i dont use anti virus on my vista.

[skrubol]

I don't on my gaming machine either. I just have to remember to be careful where I go on that machine, and always pass downloads through another machine.
Windows Updates + Common sense > Antivirus

[malynj]

They appear to have only tested the consumer versions of antivirus products. There are vendors who sell HostIPS products on the corporate side, as well as other behavior monitoring/blocking programs, that would be a better fit for this test. AV is primarily signature detection only by nature. HostIPS and other behavior programs would be the area of software that is intended to protect against known exploits regardless of signature detection. AV vendors should begin including HostIPS type technology in their products, but currently the vendors sell these as separate standalong products. If the goal of this testing was to change the nature of the features bundled with AV products, they should have included the HostIPS-type products in the tests, then shown that these products should be bundled together with the AV products to better protect the consumer.

[eiverson]

Secunia rightly points out that signature-based-ONLY defenses are inadequate in a world where malware-makers are increasingly altering the signatures of their wares systematically. More here on that:

http://www.securitynowblog.com/endpoint_security/secunia_report_signature-based_antivirus_misses_most_unknown_malware

As for host intrusion prevention system (HIPS) products being the answer. I would caution people to consider that the medicine can be as bad as the illness it seeks to prevent. Its very important that one balance usability and security when considering answers.