Sunday, January 29, 2012

RSA Conference 2012 San Francisco – SC Magazine Awards 2012 Coming to San Francisco

We're now less that a month until RSA Conference San Francisco, running February 27 through March 2. The theme, The Great Cipher, Mightier than the Sword". Free seminars, training, keynote speakers such as former Prime Minister of England Tony Blair, the Expo Hall Pub Crawl, the Codebreakers Ball, and tchotchkes! The event is great for training, to get an advance look at what may be coming up in the trade, and to network with all those people you used to work with at other security vendors.

Visit during RSA Conference San Francisco for at least one “view from the floor” update.

Miscellaneous Thoughts

• When was the last time you even used a pen, with the exception of signing a bill at a restaurant? So why are you standing in line for one or collecting them?
• That t-shirt you’re debating to attend the presentation to obtain will not impress people at your health club
• The woman walking up to you in very high heels and a LBD. She only wants you for your scannable info
• Turning your badge over prior to asking questions at a booth screams, “I work for a competitor and think that this will hide my identity.”
• Go to or to look for places to munch at around Moscone
• If you are working the booth and someone is chatting with you while looking side to side or down: the former, according to neurolinguistic programming, means they are an auditory, the latter, means kinesthetic. At a trade show, it means either they are looking at the people you hired to be in the booth or they are looking for the tchotchkes.
• One letter – “W”. If you have to ask why, you may want to go back to Moscone and attend another seminar or gather some more tchotchkes

Also held during RSA, but not part of it, are the SC Magazine 2012 Awards. These are February 28 Intercontinental Hotel on 888 Howard Street (just down the block from RSA Conference 2012 and the Moscone Convention Center) in San Francisco.

To view some of the finalists for the SC Magazine Awards 2012 - or a comprehensive list at

Free Pass

For information on acquiring a free pass for the exhibitors hall -

Anti-Malware Testing Standards Organization Meeting During RSA

Coinciding with RSA, on February 23-24, the Anti-Malware Testing Standards Organization ( will be having a members meeting. According to their website, `The Anti-Malware Testing Standards Organization (AMTSO) is as an international non-profit association that focuses on the addressing the global need for improvement in the objectivity, quality and relevance of anti-malware testing methodologies. AMTSO membership is open to academics, reviewers, publications, testers and vendors, subject to guidelines determined by AMTSO. The site is also a great resource for free documents on testing guidelines and best practices.

Tuesday, January 24, 2012

AV-Test Product Review and Certification Report – Q4 2011, PC Magazine Best 2012 Internet Security Suites, Top Products from

During November and December 2011, AV-Test ( tested twenty-three consumer and eight internet security products in the areas of protection, repair and usability. The highest score possible in each category was 6.0. The test was on Windows 7. The top 10 products and the total score of these areas is contained in the table below. You’ll have to go to their web site for the individual scores and to download free one page reports on each of the companies. Some consistency between the and organization results. You won't find the total of the three categories on the site. Their summary report is sorted alphabetically.

Those internet security products in the top ten were: Kaspersky Internet Security 2012, BitDefender Internet Security 2012 , F-Secure Internet Security 2012 , G Data: Internet Security 2012, Norton Internet Security 2012 , AVG Internet Security 2012 , AVG Anti-Virus Free Edition 2012 , Avira Internet Security 2012 , Panda Internet Security 2012 , and Trend Micro Titanium Maximum Security 2012.

Where the product was reviewed, the 4th column contains the score from PC Magazine for Best Internet Security Suites 2012. Webroot, while receiving 4.5 out of 5.0 from PC Magazine, only scored a total of 11.5 from AV-test, finishing 21st.The only consumer product failing to be certified, meaning it scored below 11.0 total, was Total Defense Internet Security 2011 with a score of 8.5.,2817,2373529,00.asp

The fifth column contains ratings from AV-Comparatives Summary Report – 2011. This is a must view report, running 129 pages ESET also received a Top Rated from this organization, but only ranked 22nd in the AV-test ratings.


The AV-TEST Institute is a leading international and independent service provider in the fields of IT security and anti-virus research.
The aim of the research work carried out by AV-TEST is to directly detect the latest malware, to analyze it using state-of-the-art methods and to inform their customers of the top-quality results obtained.

About AV-Comparatives.ort

AV-Comparatives is an Austrian Non-Profit-Organization, which provides independent Anti-Virus software tests free to the public.

Go to the AV-comparatives website for complete details about the organization, the many tests they perform, and to download copies of their reports.

Thursday, January 19, 2012

Webroot Kills E-mail Security Service, Plans End-Point Offensive

Webroot notified its US resellers on around January 18 that it intended to exit the e-mail security service business. This is in favor of an aggressive endpoint security offensive. This offensive will be spearheaded by a new anti-malware solution for businesses. This was according to a letter viewed by CRN.

"Webroot is exiting the e-mail security business. We will not accept new business orders or renewals for this service," the company stated in the letter.

Webroot moved quickly. According to a January 19 CRN article, they have sold their archiving business to Sonian. Sonian will add about 1,000 customers as a result of the transaction. Financial terms weren’t given.

Webroot’s new business anti-malware product line, will be based on the Webroot SecureAnywhere consumer offering. The anti-malware business solution will have Webroot going against larger anti-malware competitors such Symantec, McAfee, Trend Micro, and Sophos. The product will be going into beta in February, it appears.

Some Work For Webroot to Do

Exciting stuff. The 800 pound gorillas in the industry will have a new competitor in the business space. However, Webroot may have some work to do regarding this new product, whether it’s improving the scan engine, extending protection to the cloud, improving heuristics, whatever. Below are some results from leading test organizations. The tests took place in the latter half of 2011.

Virus Bulletin – Failed to receive a VB100 award in the December 11 test on Windows 7. – Passed the Nov/Dec test on Windows 7. However, its scores (out of 6) weren’t stellar. 4.0 for Protection, 3.5 for Repair, and 4.0 for Usability. – Webroot came in 17th overall in the August through November Whole Product “Real-World” Dynamic Protection Test. – Anti-Virus Comparative Summary Report 2011. In 9 tests, Webroot received on Adv+ score for performance (AV), an Adv score for the removal test, and Std for performance (suite). Webroot received Tested or N.A. on the remaining tests. – In the Anti-Virus Comparative, Malware Removal Test (December), Webroot came in 7th out of 18 overall with an Advanced (2 stars out of 3) rating.

There are other tests on the website, as well.

While positive reviews from PC Magazine are great, businesses pay more attention to 3rd party test results than consumers do. Also, other competitors have been aggressive in moving scanning and heuristic activity to the cloud. Webroots products were the recommended/preferred product of Best Buy's Geek Squad for awhile.

PC Magazine gave Webroot SecureAnywhere Complete 4.5 stars out of 5 as its top consumer product.

PC Magazine also gave 4.5 stars to SecureAnywhere Complete Antivirus 2012. Both products received Editors Choice designations from PC Magazine.

About AV-Comparatives

AV-Comparatives is an Austrian Non-Profit-Organization, which provides independent Anti-Virus software tests free to the public.

Go to the AV-comparatives website for complete details about the organization, the many tests they perform, and to download copies of reports.

Wednesday, January 18, 2012

Symantec Sued for Scareware Tactics - January 2012

Sometimes marketing tactics can be a bit too aggressive for people. Washington state resident James Gross sued Symantec earlier in January. In the lawsuit against Symantec, he is claiming that Symantec offers customers a free, non-diagnostic scan that fraudulently detects critical issues on people's computers. The scan offers to fix many of these issues free. However, it then prompts the consumer to pay system tune-ups to clean out the rest of the errors. Products in question – PC Tools Registry Mechanic, PC Tools Performance, Toolkit, and Norton Utilities. is owned by Symantec.

According to the complaint, “Symantec intentionally designed its Scareware to invariably report, in an extremely ominous manner, that harmful errors, privacy risks, and other computer problems exist on the user's PC, regardless of the real condition of the consumer's computer."

In its response, Symantec stated, "Symantec does not believe the lawsuit has merit and will vigorously defend the case. The Norton and PC Tools solutions at issue are designed to improve the system performance of our customers’ devices in terms of speed, maintain the health of their machines, and protect our customers’ information.…. Several independent third parties have tested and reviewed these products very favorably, verifying the effectiveness of their functionality."

Included in the Forbes article is the full case - Case5:12-cv-00154-HRL Document1 filed 01/10/12 (filed in US District Court, San Jose (CA) Division.

I went to (CNET) and did a search on “free registry cleaner” for Windows devices. There were 721 products that showed on the list. The first three pages of products had 5 star ratings from the site (sorted by editor rating). One of the two adverts on the bottom of the web page was from “Free Registry Scan. Registry Cleaner Software. Try Now!”

Take these offers with a grain of salt. In addition, don’t click on any pop-up offers telling you that they can speed up your PC or that you have been infected by malware.

Sunday, January 15, 2012

January 2012 – Virus Bulletin RAP Averages Quadrant, June through December 2011

Virus Bulletin has released their latest RAP Averages Quadrant, representing April 2011 through October 2011 data. The top 10 (some eyeballing necessary):

1. Emsisoft
2. Bkis
3. Coranti
4. TrustPort
5. eScan
6. Avira Pro
7. BullGuard
8. BitDefender
9. Avira Free
10. Lavasoft

All of these achieved greater than 90% on Reactive Detection and Proactive Detection. Congrats! There was turnover in the latest test as five companies were replaced in the top 10.

The top 10 in their April 2011 through October timeframe:

1. Bkis
2. Coranti
3. TrustPort
4. BullGuard
5. Qihoo
6. F-secure
7. G Data
8. Kaspersky
9. Nifty
10. eScan

McAfee and Sophos have to be disappointed, again. However, neither Symantec nor Trend Micro are present on this grid. PC Tools, owned by Symantec, was. What’s with Kingsoft Advanced (the lowest) and Rising? These two were at the bottom again.

The relative performance of vendors can best be viewed by looking at the RAP Averages Quadrant chart at

Subscribers to Virus Bulletin's publications have access to more details on the results.

RAP Averages Quadrant

This test measures products' detection rates across four distinct sets of malware samples. The first three test sets comprise malware first seen in each of the three weeks prior to product submission. These measure how quickly product developer and labs react to the steady flood of new malware emerging every day across the wor A fourth test set consists of malware samples first seen in the week after product submission.

About Virus Bulletin

Virus Bulletin started in 1989 as a magazine dedicated to providing PC users with a regular source of intelligence about computer malware - its prevention, detection and removal. And how to recover programs and data following an attack.

Saturday, January 14, 2012

Conversation with Federal Trade Commissioner Julie Brill

Federal Trade Commissioner Julie Brill spoke in front of about 80 individuals munching on burritos (important proof of attendance point) at Stanford Law School on January 12. The Commissioner spoke about the Federal Trade Commission's initiatives to protect consumer privacy. This talk was part of “National Data Privacy Day 2012”. It was sponsored by Center for Internet and Society at Stanford Law School.

One of the significant developments during 2011, according to Brill, was the growing awareness of big data from multiple sources being pulled together to provide information on consumers. Brill called for vendors to “institute privacy by design.” “Should we be collecting this data?” Brill asked. She discussed the consumers’ right to know information is being collected, the right to access it, and the right to collect it.

Do not track mechanisms have been and are being developed by the industry itself, not the government. “To the extent promises are made and not lived up…is something we could take a look at and have”, according to Brill. She felt that consumers should be given information about what is happening to their data.

The most significant action Brill felt the FTC took in 2011 was the proposed settlement with Facebook. “For the first time we are calling on companies by decree to institute a comprehensive privacy programs."She talked about how audit for the next 20 years have been established as part of the settlement.

Brill also touched briefly on the Children’s Online Privacy Protection Act of 1998. “We’re also proposing rule modifications”, she said.

With respect to privacy from the government, Brill said, “We focus on the use of information about consumers in a commercial focus.“

In the international arena, Brill said that the FTC works a great deal with overseas counterparts, in a number of different areas, including enforcement, competition, and privacy. She felt that the FTC’s role in international privacy has grown. “It’s very important to us to have lines of communication with other regulators”, according to Brill.

Other Developments

• There is a draft report being finalized by the commission regarding privacy. Brill said that a number of comments on the draft so far (hundreds).
• Regarding the mobile space - More attention will be paid to this space in the coming year. “Do consumers understand what they are being told?” Brill asked.
• Layered notices – Brill felt that there was a need to give consumers information “in consumer language, simplified notice rather than legalese."
• “For the first time we are calling on companies by decree to institute a comprehensive privacy programs.”

The Stop Online Piracy Act, proposed by Texan Republican Lamar Smith in late October, has received a lot of attention in the press lately. It wasn’t talked about during the discussion.

About FTC Commissioner Julie Brill

Julie Brill was sworn in as a Commissioner of the Federal Trade Commission April 6, 2010, to a term that expires on September 25, 2016. Brill has worked actively on issues most affecting today’s consumers. These include protecting consumers’ privacy, encouraging appropriate advertising substantiation, guarding consumers from financial fraud, and maintaining competition in industries involving high tech and health care.

Wednesday, January 11, 2012

AV-Comparatives Summary Report 2011 – Kaspersky Product of the Year

AV-Comparatives has released their 129 page summary report (anti-virus comparative). Product of the Year award went to Kaspersky who received Advanced + in all nine categories. Top Rated product recognitions for 2011 went to Avira, BitDefender, Eset, F-Secure, and Kaspersky. If for some reason, Kaspersky is unable to fulfill its duties as the Product of the Year….. F-Secure received Advanced+ in seven of the nine categories. Twenty companies are in this extensive report.

The report also gave recognition to individual companies for - on demand protection, proactive on demand detection, false positives, on demand scanning speed, and overall performance (low system impact). There are ~4 page sections dedicated to each product in the AV Comparatives Summary Report 2011, as well.

2011 was a good year for Kaspersky. They continued to catch up to Trend Micro in terms of total revenue. On January 5 of this year, Kaspersky and Eugene Kaspersky were named a Channelnomics 2011 Influencers Award Winner in Security

Kaspersky received 3.5 stars out of 5 from Neil Rubenking and PC Magazine for their Internet Security Suite 2012. Kaspersky offers a number of solutions for both home users and businesses.

Kaspersky scored highly in the just released Virus Bulletin RAP Averages Quadrant June through December 2011. . Bkis and Emsisoft were the top performers in this test. A minus for them – they failed to receive a VB 100 Award in a pair of tests in 2011

Symantec/Norton - Whoops in Latest VB100

Norton AV received a VB100 award in April 2010, didn't participate in a few tests and then failed to receive a VB100 in December 2011 with Norton Internet Security. . The company had had a run of almost 10 years of VB100 awards that ended in August, 2009.

About AV-Comparatives

AV-Comparatives is an Austrian Non-Profit-Organization, which provides independent Anti-Virus software tests free to the public.

Go to the AV-comparatives website for complete details about the organization, the many tests they perforNm, and to download copies of this report.

Thursday, January 05, 2012

Security Acquisitions 2011

Interesting slide show by Channel Insider on the major security acquisitions 2011. No explanation for the order. It’s neither alphabetical nor by value of the acquisition (many of the values not provided).

Dell purchasing SecureWorks, Thoma Bravo acquiring TripWire and Blue Coat Systems (the guys at Thomas Bravo were busy with these two and also have SonicWall), Symantec buying Clearwell, IBM acquiring Q1, McAfee buying Nitro Security and Sentrigo, Sophos buying Astaro, Wave Systems buying Safend, and GFI buying Monitis.

SC Magazine had their own list in the Reboot 2011 December issue. Ones they had that didn’t overlap with Channel Insider – Check Point acquiring Dynasec, EMC acquiring Netwitness, HP and Autonomy (now that got a lot of news!), IBM with Platform Computing, Algorithmics, and i2 (big companies have to do something with all that cash). Imation purchasing IronKey, Oracle acquiring RightNow and Endeca Technologies (what’s a couple of billion $ here and there), redhat purchasing Gluster, and VMware acquiring Shavlik Technologies.

You can pick your reasons for the acquisitions.

• Broadening a security product portfolio.
• Buying over making.
• Innovation coming from smaller companies.
• Seeing good technologies being poorly managed.
• Perceived synergy.
• Buying share.
• Having a lot of money in the bank.

There were also smaller acquisitions by other security vendors in 2011 but the above seem to be the larger ones. Look for more of the above to occur in 2012. Discussions on the 2011 initial public offering (IPO) market will be a separate blog. 2011 was not a stellar year for IPO’s.

It’s a new year. The RSA Conference 2012 is coming up in late February. Scoping out companies and intercompany bonding to take place over drinks at the W Hotel across from Moscone Center. This is the place to hang. For a bit more discretion, the Clift.

Monday, January 02, 2012

What Would Avast Software’s Valuation be as a Public Company?

On December 20, Avast Software filed with the SEC for an initial public offering (IPO) of $200 million in common shares. UBS Limited and Deutsche Bank Securities Inc. are acting as joint bookrunning managers and Pacific Crest Securities LLC, Morgan Keegan & Company, Inc. and Macquarie Capital (USA) Inc. are acting as co-managers for the proposed IPO. Avast promotes that they are protecting over 146 million active users and 189 million registered users. Nice installed based to talk about for an initial public offering The freemium model covers a substantial number of these users.

A Quick But Often Used Valuation Methodology for an IPO

In the interest of brevity, methods of valuing a company for IPO purpses include - Book Value, Internal Rate of Return (IRR) Profit/Sales Multiple, P/E (Price/Earnings ratio), Dunn-Rankin formula, free cash flow. In the link to the attached article, the author also talks about the asset approach, the earnings approach, and the market comparison approach. Discounted cash flow analysis would be great, but does involve a fair amount of conjecturing.

So, let’s use the price multiple approach for an Avast IPO. For the six months ended June 30, Avast reported a profit of $23 million. This was an increase from $4.4 million during the same period last year. Revenue increased 87% to $37.9 million. Double that revenue to annualize it, and assume a little growth over the second half of the year. Instead of $75.8 million, let’s say $80 million. Their total 2010 revenue was $48.5 million. This is probably still conservative since their first halve 2010 revenue was $20.2 million.

From an earlier blog, Symantec paid a revenue multiple of 5x and 4.8x for PC Tools and Message Labs, respectively in 2008. In 2009, McAfee paid a revenue multiple of 4.9x for its acquisition of MX Logic. These were all security acquisitions.

Different industries have different price multiples. The risk is different. Margins are different. A software company isn’t a steel com company, nor is it an appliance company.

Intel’s acquisition of McAfee wouldn’t be a valid comparison because McAfee obtains a substantial portion of its revenue from appliances. Ditto for any multiple that could be back calculated from the Thomas Bravo December 8 $1.3 billion proposed acquisition of Blue Coat Systems. Blue Coat obtains a substantial amount of revenue from its appliances. Bravo paid a 48% premium over the previous day’s stock closing price and about 19 percent off the highs of Blue Coat’s share price in January.

And the Answer is

Using the 5x figure for Avast Software, suggests a total valuation of $400 million. This may not be unreasonable give their rapid growth. The paperwork filed with the SEC lays out a number of potential risks. But that's what this paperwork is for.

Again, the above is crude. There are multiple better methods. It does provide a rough estimate. The company is generating cash. They are profitable. As of June, they had about $85 million in the bank. Let the underwriting number crunching continue.

For a May update 

To view Avast’s F-1 form filed with the SEC, go to