Carey Nachenberg

Contrary to some industry observers, antivirus software is not dead. It is, however, undergoing a game-changing transformation. It has to. After all, the current model of detecting viruses through blacklisting simply cannot keep pace with the unprecedented volume of malware released every day. To continue to be effective, antivirus must transition from the current signature-based model to a new hybrid model that uses whitelisting to allow trustworthy applications, blacklisting to block prevalent known malware, and reputation-based ratings to automatically categorize the "long tail" of unknown malware and legitimate software. An Inflection Point By some measurements, the volume of malicious software is now outpacing the production of legitimate programs. Symantec recently ... (more)