Vulnerabilities / Threats
6/22/2011
12:31 PM
50%
50%

The End Is Near For Paid Antivirus On PCs

The rise of free but "good enough" software spells an end to the days of having to pay for PC antivirus software.

Is the era of not-free antivirus software drawing to a close?

Since before the days of the "I Love You" virus, a best practice for both consumers and businesses has been to buy and run antivirus software on their PCs. But all that's changing--at least, the paid part.

According to data collected by software management vendor OPSWAT, from March to May 2011, the top five most-used antivirus products in use in North America were Microsoft Security Essentials (16%), AVG Anti-Virus Free (11%), Avast Free Antivirus (7%), Norton AntiVirus (6%), and Mcafee VirusScan (4%). Interestingly, three of those are free.

As statistics go, OPSWAT's numbers may not be definitive. Rather, they represent a sample of 43,000 PCs that are running the company's software framework, which can detect antivirus software installed on their PCs. Accordingly, that equals data points drawn from business users, meaning the incursion of free antivirus into enterprise markets may be sharper than you'd expect.

That shouldn't be surprising, however, since free antivirus regularly finds a place in "top 10" third-party antivirus software rankings. "The good antivirus is a free antivirus, we all know this. Avast is good, AVG is good. So many people are 'good enough' that where is the market, if antivirus is free?" Eric Domage, manager of western European security research and consulting for IDC, tells me. "This is a highly commoditized sector. It used to be a market, but now it's a commodity--look at what Microsoft is now doing for free."

When Microsoft unleashed its free Microsoft Security Essentials antivirus scanning engine in 2009, antivirus vendors cried foul and their stock prices took a hit. Cue protests again in 2010 when Microsoft began automatically installing it on PCs that weren't running any antivirus. But in the scheme of things, if Microsoft built Windows, shouldn't Microsoft keep it clean from viruses? At least, that's one line of thinking--and soon the point may be moot.

Indeed, an interesting change happened on the way to commoditized antivirus: Incumbents began making other plans. "McAfee and Symantec have decided to escape this market," says Domage. Symantec, for example, bought storage vendor Veritas and desktop management vendor Altiris, enabling it to move further into those markets. Likewise, McAfee has moved into compliance--not to mention having been acquired by Intel, which may build its software into its devices--while Trend Micro has gone 100% cloud-based. CA also exited the antivirus game, selling its endpoint security group last month to a venture capital firm, which renamed the business as Total Defense.

Meanwhile, last year Apax Partners purchased a majority stake in Sophos for $830 million, and more recently added firewall and unified threat management vendor Astaro to the mix. "This, with some other acquisitions, make the Sophos company very interesting now," he says. "It's a global player in security." But it's no longer just an antivirus vendor.

Today, when it comes to straight-up, PC-based antivirus, "everyone is struggling, even Kaspersky is struggling," says Domage, despite its posting 2010 year-on-year revenue gains of 38%. In January, however, Kaspersky announced that venture-capital firm General Atlantic had paid $200 million for a 20% share in the company. Recently, it also announced a deep management review, transferring more responsibility to executives based in the United States. And the company is now evaluating possible moves into mobile security, compliance, and encryption or other types of data security.

"They've had the VC come in because they didn't know how to do the diversification--they're very good Russian engineers, but they're not experts at global diversification," says Domage. "They've been the world leaders at antivirus, but what if you're the last one?"

Diversification, however, isn't the only option. For example, in China, the makers of the free 360.cn antivirus software make their money in part by selling their software to manufacturers, who include it for free with their products. "If you buy a fridge, you get antivirus. If you buy a microwave, you get antivirus. It's a goodie," says Domage.

When it comes to enterprise IT, one selling point for paid antivirus running on PCs has been ease of management. But why manage antivirus at all? Indeed, it's a short step from paying an annual per-user subscription fee for antivirus signatures to power your endpoint security scanning engines, to paying a per-user annual subscription fee for a vendor to manage antivirus via the cloud.

In other words, expect paid antivirus running on PCs not to end with a bang, but with a "why bother?"

Small and midsize businesses are falling prey to cyberattacks that cost them sensitive data, productivity, and corporate accounts cleaned out by sophisticated banking Trojans. In this report, we explain what makes these threats so menacing, and share best practices to defend against them. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: good one 
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-3439
Published: 2015-08-05
Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiecode) plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScript functions via the target parameter, as demonst...

CVE-2001-1594
Published: 2015-08-04
GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, an...

CVE-2002-2445
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the reboot user, and (5) shutdown for the shutdwon user, which has unspecified impact and attack vectors.

CVE-2002-2446
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.

CVE-2003-1603
Published: 2015-08-04
GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors.

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!