Sunday, November 27, 2011

PC Magazine Best Products of 2011 - Best of the Year – Security

PC Magazine has released their best products of 2011, best of the year 2011 compilations. The compilation has their Gold and Silver products for approximately 20 categories, providing a paragraph of detail for each product. In the security category, below are some of the Gold recipients.

• Antispam – Cloudmark DesktopOne Basic
• Antivirus –Webroot SecureAnywhere Antivirus
• Security Suite – Norton Internet Security 2012

All the above (obviously), received Editors Choice designations. To view details about the security Gold and Silver recipients, as well as recipients in the other categories for PC Magazine Best Products of 2011 go to,2817,2396200,00.asp

More comprehensive reviews for the Gold and Silver recipients and their competitors can be viewed on For a listing of a number of PC Magazine Best Internet Security Suites 2012 and Best Antivirus Software 2012, sorted by the number of stars received, go to and , respectively.

AV-Comparatives Anti-Virus Comparative Retrospective Test - November 2011

AV-Comparatives has released their Anti-Virus Comparative Retrospective Test (static detection of new/unknown malicious software) – November 2011. Twelve vendors were included in the test. In general, the company’s antivirus 2012 products were used, not the internet security suite 2012 products.

Seven vendors received advanced (3 star) ratings In Av-comparatives November test. In order, these were G Data, Avira, Eset, Kaspersky, F-Secure, and BitDefender. These all received 3 star ratings in the previous test, as well. .

Advanced Plus (3 star ratings) were received by 10 vendors in August, G data, Avira, Panda, F-Secure, BitDefender, Kaspersky, ESET, Avast, McAfee, and Trend Micro. .

The table below combines a couple of results. The November test results for proactive detection of new malware (first two columns) and the Q3 AV Comparative test rankings. Note that the order in the table below doesn't match the order for the three star rankings, which take other factors into account.

The November test evaluated only the offline heuristic/generic detection of the products against unknown/new malware, without the need to execute it or to submit it against anything else.

According to AV-Comparatives, a number of vendors declined to participate in the test. “In their opinion (the vendor), their product’s real-life capabilities are not adequately represented in the retrospective test to the absence of a live Internet connection or because URL blocking is not considered.” See page 4 of the report for additional details.

AV-Comparatives is an Austrian Non-Profit-Organization, which provides independent Anti-Virus software tests free to the public.

Go to the AV-comparatives website for complete details about the organization, the many tests they perform, and to download copies of tests.

Monday, November 21, 2011

October 2011 Whole Product Dynamic Test

The top five products in the and the "Whole Product Dynamic Real World Test” - October 2011 has some major antivirus and internet security suite vendors switching positions. Only two of the top five from September remained in the top five. The top ones – G Data, Kaspersky, Qihoo, Symantec, and BitDefender. Webroot, PC-Tools, and Avast were the “bottom” performers, rounding out the bottom three. Avira was the top free performer. Blahopřeji.

October Results AV– Whole Product Dynamic Test

1. 99.6 – G Data
2. 99.6 – Kaspersky
3. 99.6 - Qihoo
4. 99.6 – Symantec
5. 99.4 – BitDefender

“Compromised” was the tiebreaker in the above.

September Results Whole Product Dynamic Test

1. 99.7 – BitDefender
2. 99.0 – F-Secure
3. 98.8 – Trend Micros
4. 98.7 – McAfee
5. 98.7 - Symantec

To see complete results for October (twelve more vendors), go to and view the monthly report. More important though, are results over a period of time. You can play with the interactive report.

And the Next Security IPO is…

You know what it means in the United States when holiday decorations start appearing in malls. Thanksgiving is just around the corner, and the IPO rumor mill starts up again. November 17 blog - And the next IT security IPO is… . What do you believe the prospectus (sic) are?

About -

AV-Comparatives is an Austrian Non-Profit-Organization, which is providing independent Anti-Virus software tests free to the public.

Friday, November 18, 2011

San Francisco Tech-Security Conference – November 17

It was a full day of talks and a 50-company exhibitor room for attendees at this security event. Presentations were given by McAfee, Cyber-Ark, Axway, Centrify, WatchGuard, Netgear, Blue Coat, Invincea, and Endace.

The slick security award has to go to Invincea. They are a venture-backed software company. They provide desktop security to companies with Invincea™ Browser Protection. Invincea™ Browser Protection shields PC users against all types of Web-borne threats by moving desktop Web browsers into a controlled virtual environment. Invincea creates a fully isolated browser environment to help deliver PC protection. The product automatically detects and terminates a threat in real time and disposes the tainted environment. It than restarts a new one.

SC Magazine loves the product. Peter Stephenson in the January issue of SC Magazine wrote, “What we liked: Ease of use, small footprint and very creative use of a virtual machine to contain the browser and keep the malware out of the computer” The company also has a Document Protection solution. Invincea is still a privately held company. No hints about an upcoming IPO. Let’s hear it for virtual machine technology. This goes well beyond what McAfee SiteAdvisor and AVG LinkScanner offer in protection.

It’s always interesting to talk to vendors while others are running around getting their “qualify for the drawings” card initialed. Some random observations:

Say “NGFW” and security companies will respond “Palo Alto Networks.” Other companies are offering the technology, but for the time being, Next Generation Fire Wall is Synonymous with Palo Alto Networks. They weren’t at this event, by the way, (cheapskates) while Fortinet, Websense, Blue Coat and SonicWall were.

Netgear presentation bite – “Experts believe Scareware is one of the payloads that make attackers the most money.” They pushed the layered defence (sic) strategy. Gartner gives them #1 share in the sub $5k market share and #4 in the sub $25k.

Invincea - “Polymorphics will make signatures obsolete.” “$398B of research has been put at risk because of China and Russia.” “Asking our users to make the correct decision every time is a complete pipe dream.” The presenter also showed a slide from a Cyveillance study showing that F-Secure Kaspersky and Nod32 (Eset) were the quickest for Day 1 Anti-Virus “Effectiveness”.

WatchGuard – Stated that surveys of employees have shown that they spend 3 hours daily, on average, at work on personal related web surfing. Much of their presentation focused on how their product delivers granular web application control.

Axway – Considers using the cloud to perform file transfer still to be not quite fully secure. He also quoted a Ponemon Institute that the average cost of a data breach is $202 per record or$6.6M per breach. They’re in the Leader’s Quadrant (Gartner) for Managed File Transfer, Business to Business Integration, and Email Encryption.

The primary focus of the presentations was on education/knowledge sharing with only a few slides at the end being devoted to product pitches. These presentations weren’t deep dives into the company’s technologies. For the most part stats tossed out were current.

Antivirus, antimalware vendors mentioned as being “under the hood” for different vendors’ products: Commtouch, Kaspersky, Sophos, AVG. Present at the show - Eset (showing some older studies, dudes), Kaspersky, McAfee, and Sophos.

Now About Those Tchotchkes

A marketing professional at a leading edge consumer software company believes that a company's standing on the innovation scale is directly related to the creativity of their tradeshow giveaways. That said – pens, stress balls, more pens, breath mints, more breath mints, an environmentally friendly shopping bag, a squishable car shaped stress ball, a year subscription for the company’s internet security suite, something to clean your mobile phone screen, pens with a blinking red ball at the top.

The most useful tchotchke – Tectia and their aluminum sport water bottle. Winner on the cool scale - some kind of battery power multi colored LED spinning fan “thing”. A quite optimus giveaway by Blue Coat. The most impressive giveaway at the end of the day - a $700 WatchGuard appliance.

The most attended presentation was the last one. Attendees had to be present and had to have had their gift drawing card initialed by participating vendors to be eligible for the drawings. Hence, the occasional mad dash of individuals to get those puppies signed.

About the Organizers

These events are put on by . It appears that about 50 of these are scheduled to take place in 2012.

Tuesday, November 15, 2011

Cyber Security Smackdown – Organized Crime vs. Agile Start-ups - VLAB

Great panel discussion put on by VLAB (MIT/Stanford Venture Lab) on November 15. The topic: Cyber Security Smackdown – Organized Crime vs. Agile Start-up. Part of the event description - Most organizations are unaware they have been hacked until it is too late. Just as the Mafia at the turn of 20th century changed the law enforcement landscape, black hat hacking has become a profitable, illegitimate business that harms individuals, companies, and national security. McAfee estimates that global cyber crime cost corporations and individuals over $1 trillion annually.

Some sound bites that came out of the discussion:

• IPv4 versus IPv6 – With respect to the “volume” of IP addresses that can theoretically be connected to the internet: Think of a golf ball versus the size of the sun.
• There are two kinds of companies when it comes to their preparedness for being hacked. Those who have been compromised and those that are still unaware of how vulnerable they are.
• Wells Fargo thought that one of the apps they had created for customers was just sitting out there until they hired one of the panelist’s companies. They then found that the app had been downloaded several million times. Kind of surprising that “someone” in the IT group didn’t realize this.
• Antivirus companies have been failing in protecting their customers. The solution(s) for protecting companies will not come from developers these companies.

Interestingly enough, Trend Micro Executive Eva Chen had a Q&A with CRN ( in March 2004. Chen stated in response to a question about security management, “The other thing we are thinking about is outbreak prevention. We always say we are in the antivirus business. But I was so frustrated that I called our CEO, Steve Chang, and said we've been lying to our customers for 10 years. We call ourselves antivirus, but we have never prevented a virus from hitting our customers'"

• Companies need to look at any agreements they have with companies such as Microsoft, Amazon, etc. regarding security. In general, these sites have a statement regarding keeping your company protected: they aren't responsible for security lapses. But, they can hold your company responsible if they suffer damages because of the relationship.
• Question from the audience – “How can a company with a low budget stay protected?” Answer, “Try to maintain a very low profile.”
• Social engineering or gaining an entrée through an internal employee is how many cyber criminals get into a company.
• More than a few developers are good guys during the day and bad guys at night (colloquial restatement.

What does this mean with respect to security? Don't slash that budget. Look to some of the smaller companies. Read your agreements with the larger companies you are doing business with and may be relying on for protection.

Panelists for the discussion:

Jeffery Carr - Carr is the author of "Inside Cyber Warfare: Mapping the Cyber Underworld" (O'Reilly Media 2009). He is also the founder and CEO of Taia Global, Inc., a boutique security-consulting firm for Global 2000 companies.

Mike Eynon - Eynon is the Co-Founder, President of Silver Tail Systems, has substantial experience in building fraud detection and prevention tools for some of the highest traffic, and fraud targeted websites on the internet. Before co-founding Silver Tail Systems, Mike managed payment risk at PayPal, as well as fraud policy at eBay.

Ali Golshan - Golshan is the Co-founder & Chief Architect at Cyphort. Golshan has over 12 years of experience in Security, Virtualization, and Data Mining using Probabilistic Pattern Matching. . Currently in stealth mode.

Marc Goodman -Marc Goodman is the Founder and Chairman of the Future Crimes Institute. Additional information is available at

Jacques Benkoski - Benkoski joined US Venture Partners in 2005. Before joining USVP, Benkoski was President and CEO of Monterey Design Systems from 1999. Synopsys (SNPS) acquired the company in 2004.

About VLAB

The MIT/Stanford Venture Lab (VLAB) is the San Francisco Bay Area chapter of the MIT Enterprise Forum, a non-profit organization dedicated to promoting the growth and success of high-tech entrepreneurial ventures by connecting ideas, technology and people.

Wednesday, November 09, 2011

Time for Hewlett Packard to (wo)man Up on the WebOS Deal

After moving over from a board member position to take on the CEO role on September 22, Meg Whitman and Hewlett Packard moved relatively quickly on deciding what to do about their $40 billion plus PC/laptop division. They hedged their bets and decided to keep it around for a while. Must have been a difficult choice! Admittedly, margins are slipping in this business.

The next burning issue on the plate is what to do with Palm and WebOS. This acquisition took place in spring 2012 to the tune of about $1.2 billion. Then in the intervening months, Hewlett Packard, introduced a tablet, decided to get rid of the tablet and have a fire sale, and then decided to keep the tablet around for a while with an OS from Microsoft. So much for my decision to use these tablets as coasters.

For the time being, Whitman and Hewlett Packard have decided to do “nothing” about WebOS. Do nothing is always easier and much more reversible than sell. It doesn't rank high on the daring scale, though. A couple of potential suitors, including Oracle(?) have been mentioned.

It probably makes no sense to have two tablets running on two different OS’s. That’ll confuse the public and the investor marketplace. Assuming HP’s fiscal year is the same as the calendar year, they have less than two months to sell the company (if that’s their decision) and let it hit the 2011 books.

Great article on “Behind the Woes at H.P., Wall St. Banks Lurk”.

According to the article, it turns out that Hewlett Packard has paid out about $81 million in fees to investment bankers related to the acquisitions they have made over the last two years.

That’s how much Hewlett-Packard is estimated to have paid out in fees to its investment bankers in the last two years for advising it on a series of acquisitions including ArcSight and 3Par (premium of 242%!). According to the article, Hewlett-Packard’s market value has fallen by more than $40 billion during this period of time.

With respect to the decision to keep the PC division, “The costs and the risks of separation are simply greater than any value we could create,” Ms. Whitman said by way of explanation.

Meanwhile, the shareholders are losing out. One redeeming thing about the above; Whitman is taking a base salary of $1 for the upcoming year. Any further pay will be in bonuses and stock appreciation.

Best Antivirus Software - Readers Choice Awards 2011 –

Mary Landesman and have announced their Readers Choice Awards for Antivirus, Internet Security Suites, and Free Antivirus. The complete text and link to the article is below. These are popularity contests and don’t reflect the ability of the software to actually stop anything (though one would think that that’s what readers are interested in). For example, Rubenking of PC World tends to like Norton for their internet security suite. Comodo did win a popularity context. The folks at Avira have to be pleased with the results below. No details on the number of participants, whether people could vote more than once, etc.

Best Windows Antivirus for 2011

• GFI VIPRE Antivirus: 44%
• Avira AntiVir Premium: 28%
• ESET NOD32 Antivirus: 18%
• ZoneAlarm Antivirus: 6%
• Norton AntiVirus: 3%

Best Internet Security Suite for 2011

Some surprises in this table.

• Comodo Internet Security: 42%
• Panda Global Protection: 26%
• ESET Smart Security: 25%
• Kaspersky Internet Security: 4%
• Norton Internet Security: 3%

Best Free Antivirus

• Avira AntiVir Personal: 62%
• Avast! antivirus: 13%
• Microsoft Security Essentials: 10% (how did they do this?)
• AVG Free: 9%
• Panda Cloud Antivirus: 6%

People looking at the above, may want to look go to ,, and prior to making a purchase decision or downloading. Alternatively, look at relevant blogs on this site! Go to to view results from these blogs, including tables showing the rankings of the antivirus and internet security suite products for 2012 that PC World has tested and reviewed, cross tabbed against some of the test organization's results. It is well worth reading Rubenking's reviews after looking at the rankings. . There are also reviews on by Rosenblatt.

Tuesday, November 08, 2011

SC Magazine Awards 2012 Finalist Selections

SC Magazine has begun announcing their SC Magazine Awards 2012 Finalist selections. They are stretching the announcement out over a brief period on this web site.

Best Anti-Malware Gateway Finalists

• Cisco for Cisco Web Security
• McAfee for McAfee Web Protection
• SonicWALL, Inc for SuperMassive E10100
• Symantec Corporation for Symantec Web Gateway 5.0
• Websense, Inc. for Websense TRITON Security Gateway Anywhere

Best Anti-Malware Management (client-based, typically software only) Finalists

• Bit9, Inc. for Bit9 Parity Suite
• ESET for ESET Smart Security
• GFI Software for GFI VIPRE Antivirus Business
• IBM for IBM Tivoli Endpoint Manager
• Sophos, Inc. for Sophos Endpoint Security and Data Protection v9.7

Best Data Leakage Prevention (DLP) Finalists

• CA Technologies for CA DLP
• NextLabs for NextLabs Enterprise Data Protection
• Symantec Corporation for Symantec Data Loss Prevention
• Trustwave for Trustwave DLP
• Websense, Inc. for Websense Data Security Suite.

Best Web Content Management Product

• Barracuda Networks, Inc. for Barracuda Web Security Flex
• Cisco for Cisco Web Security
• McAfee for McAfee Web Protection
• Sophos, Inc. for Sophos Endpoint Web Protection
• Websense, Inc. for Websense Web Security Gateway Anywhere

Best Mobile/Portable Device Security

• Good Technology for Good for Enterprise
• IronKey for IronKey Enterprise Management Service
• McAfee, Inc. for McAfee Enterprise Mobility Management (McAfee EMM)
• Sophos, Inc. for Sophos Mobile Control
• Symantec Corporation for PGP Whole Disk Encryption from Symantec

There are a total of 32 awards that will be given out by SC Magazine. These include Readers Trust awards, Excellence awards, Professional award, and Editor’s Choice award. Winners will be announced at an awards dinner on February 28, 2012. This will coincide with RSA Security Conference in the US.

Readers Trust Awards winners for 2011 can be seen at Danica Patrick must be pleased. Go Daddy won a Best Security Team award last year.

For more information, go to

Friday, November 04, 2011

October 2011 – Virus Bulletin RAP Averages Quadrant, April 2011 through October 2011

Virus Bulletin has released their latest RAP Averages Quadrant, representing April 2011 through October 2011 data. The top 10 (some eyeballing necessary) Bkis, Coranti, TrustPort, BullGuard, Qihoo, F-secure, G Data, Kaspersky, Nifty, and eScan. Bkis, Coranti, and TrustPort were the obvious top three. All of these achieved greater than 90% on Reactive Detection and Proactive Detection. Avira and Check Point came close but didn’t make the top 10 as they did for the previous quadrant. Bkis, Coranti, and TrustPort held the top three spots for another quarter. Congrats!

Below is a grid mapping this latest RAP test with On Demand Detection of Malicious Software 2011 Test. shortly.

Not all of the top ten in the Virus Bulletin Rap Averages Quadrant. However, there does seem to be a loose relationship where the better performers in the Virus Bulletin test were also the better performers in . Kind of interesting. And, you won't read about the below on either of the two sites. Perhaps a case could be made to IPO these analyses! Or maybe get a free visit to one of the Virus Bulletin conferences.

What’s with Kingsoft solutions? They’ve consistently been in the lower left hand corner of the grid with around 15%/20% with respect to Reactive/Proactive Detection. They’re down there again. In their case, consistency is bad.

The relative performance of vendors can best be viewed by looking at the RAP Averages Quadrant chart at Subscribers to Virus Bulletin's publications have access to more details on the results.

This test measures products' detection rates across four distinct sets of malware samples. The first three test sets comprise malware first seen in each of the three weeks prior to product submission. These measure how quickly product developers and labs react to the steady flood of new malware emerging every day across the world. A fourth test set consists of malware samples first seen in the week after product submission.

AV-Comparatives is an Austrian Non-Profit-Organization, which provides independent Anti-Virus software tests free to the public.

Virus Bulletin focuses its efforts in three main areas: a monthly magazine, an annual conference and bimonthly product certification. Virus Bulletin started in 1989 as a magazine dedicated to providing PC users with a regular source of intelligence about computer malware, its prevention, detection and removal, and how to recover programs and data following an attack.

Thursday, November 03, 2011 Anti-Phishing Test August 2011 Mapped Against Malicious Software Detection has published their first Anti-phishing test 2011. The results are from August and so contain a combination of 2011 and 2012 products. The sample size was under 1000 so some people may complain that this was a bit on the low side. The top 10 finishers are listed below. The range from best to worst was pretty broad: 98.6 for Webroot at the top and 76.3 for Qihoo in the 19th position. TrustPort, which is usually one of the top products for Virus Bulletin’s RAP test, came in 18th at 76.9. Anti-Phishing Results 2011

1. Webroot - 98.6
2. eScan - 97.3
3. McAfee - 96.7
4. Bullguard - 96.1
5. Bitdefender - 94.4
6. Trend Micro - 92.8
7. F-Secure - 92.1
8. Symantec - 89.4
9. Avira - 89.1
10. K7 - 88.7

There was no real correlation when Anti-Phishing results were mapped against’s On Demand Detection of Malicious Software August 2011 Test. Eeeek. One would hope the better products would rise to the top in both tests. Maybe next time.

A major whoops to TrustPort who finished 18th at 76.9%. Also, TrustPort and Bullguard have consistently been top performers in Virus Bulletin RAP Average Quadrant . McAfee and K7, not so much.

AV-Comparatives is an Austrian Non-Profit-Organization, which provides independent Anti-Virus software tests free to the public.

Go to their website for complete details about the organization, the many tests they perform, and to download copies of tests.