The debate concerning the best antivirus product has been raging in cyberspace for more than two decades. Once upon a time, Norton Antivirus was considered by everyone in the know as the best product available. But, in the opinion of many security professionals, Norton hasn’t kept up with the ever-changing threat, resting on their laurels from when the industry was in its infancy.
There are dozens of products that you can choose from. So many products that it all becomes quite confusing. When you’re looking for the best antivirus product, what product do you choose? Personally, I choose Kaspersky Internet Security (KIS) or ESET Smart Security (ESS), depending on what type of machine it’s being installed on. Here’s why I call these two products the best antivirus available.
Kaspersky Labs and ESET Are More Responsive
I belong to a group online that actively looks for virus threats, tests suspicious or suspect files, and then submits our reports (that are compared within the group to ensure accurate results) to the major antivirus vendors. We send these reports, along with a sample copy of the malware itself so they can test it, to Avast, AVG, Symantec, Kaspersky Labs, ESET, and about 15 others on a regular basis.
Regularly, Kaspersky and ESET are the only two that immediately incorporate the detection algorithms into their software. Kaspersky even sends out a thank you note. Others sometimes take up to four weeks to create their detection algorithms and push them out to their user community. Four weeks is far too long for these new detection algorithms to reach the users.
KIS and ESS: Best Detection Rates
According to a fairly recent report by AV-Comparatives, there are only two products with better detection rates than Kaspersky and 13 with better detection rates than ESET. The report shows that Kaspersky misses detection of almost one percent of the known and unknown viruses, more commonly referred to as malware by specialists, with ESET not detecting a little over two percent.
Products such as Panda, G DATA, AVIRA, and F-Secure show a better detection rate, but this report doesn’t mention one very important factor: The programs with these higher detection rates also have, as far as many specialists are concerned, an extremely high rate of false detections.
A false detection can be likened to your car alarm being triggered when a big truck drives by. There is no real threat, but the product detects a threat and eliminates an innocuous file nonetheless. Kaspersky and ESET don’t have this problem.
I know. I can hear you now: “Mike, I use Microsoft’s free antivirus product and the report you are showing us says it only missed seven percent of the samples that were submitted to it. How bad can a seven percent miss rate be when the product is free?”
That’s a good question. Normally, a miss rate of seven percent of a small sample size would be more than acceptable. However, the sample size of known viruses, as well as mutations and variations of these known viruses, is not small. ZDNet did a story about this last year. In this story, their research (with the help of Symantec and Norton) showed that there were more than 17 MILLION known viruses circulating throughout the Internet. So, even Kaspersky’s miss rate of approximately three-quarters of one percent means that Kaspersky (my favorite) misses more than 125,000 known viruses. By the same math, the seven percent missed by the Microsoft product means that it misses about 1,190,000 viruses.
There’s truth in the old saying “You get what you pay for.” This is especially true when you’re talking about antivirus software. There’s also this little nugget that needs to be remembered: The people writing these viruses are constantly writing new ones and making variants of the old ones. That number of 17,000,000 is the KNOWN viruses.
Just to inject a little sanity in the discussion: The number quoted in the ZDNet story is somewhat misleading. Normally, a virus detection can go one of two ways: valid detection or false positive. Obviously, a false positive occurs when the product makes a mistake. The number in the story is so high mostly because of what’s known as malware variants.
The number of true viruses is much lower, according to the experts I respect, and everything else is a variant. You can see what I’m talking about a little better by visiting Virus Bulletin. You’ll have to register for a free account to view the reports. These guys list a much smaller list of malware, each of which is the basis for hundreds, if not thousands, of variants.
A malware variant can be looked at like a car model, such as a Subaru Justy. It has enough qualities to make it different from a Forester, but underneath it all, it’s still a Subaru.
Why I Choose KIS and ESS
Another reason why I choose KIS and ESS can be found in the last name of the respective products — Security. These two products also come with completely interactive firewalls that give an added layer of security to my computer and my network.
Kaspersky also comes with what’s known as a “sandbox.” This is an independent operating environment that I can open suspect files in without worrying about any payload inside that file being able to infect my computer. Most of the other products don’t have this type of feature.
The one problem I have with the Kaspersky product is that it has what we call a big footprint. This means it takes up quite a bit of system memory and processing power. So, it gets installed only on desktop computers with enough memory to handle it, and I install the ESET product on my laptops. Both products retail for about $60 for a one-year license.
I think you’ll agree that Kaspersky Labs and ESET rank among the best antivirus programs out there.
Photo credit: ThomasThomas