Monday, July 30, 2012
Webroot Going After Symantec Business Customers (but not by name)
A couple of week ago, some Symantec users got to experience the “Blue Screen of Death”.
According to a posting after the problem leading to the blue screen of death was resolved. "The root cause of the issue was an incompatibility due to a three-way interaction between some third-party software that implements a file system driver using kernel stack based file objects — typical of encryption drivers, the SONAR signature and the Windows XP Cache manager," Symantec Security Response team member Orla Cox said in a blog post. "The SONAR signature update caused new file operations that create the conflict and led to the system crash." http://www.zdnet.com/symantec-explains-windows-xp-blue-screen-of-death-outbreak-7000000943/
A blue eye for Symantec. They explained further in the post how they were going modify the test process to prevent this from happening again.
In a late July “How to stop feeling blue” email campaign (and without mentioning Symantec), Webroot has felt your hurt, and has a solution. Of course, it does involve a product switch ;).
“PC users around the world recently found themselves facing the dreaded blue screen of death. It's not the first time a security update caused system crashes, and it won't be the last. How can you avoid becoming the next victim? Switching to Webroot® SecureAnywhere™ Business – Endpoint protection is the only solution that solves the update problem. Plus, you'll always get superior support from Webroot—whether your company has 25 users or 25,000.”
"Issues of false positives and ‘blue screens of death" are down to anti-virus technology being 20 years out of date.” Dan Raywood, SC Magazine UK, July 18, 2012
To help alleviate your hurt, Webroot is offering businesses a 30-day free trial or an up to 6-month competitive swap out.
This could get interesting if Symantec chooses to respond. They both contract with Passmark Software to perform comparative tests for them. Passmark is a privately owned software development group with a head office in Sydney, Australia. www.passmarkcom
Both companies have products that scored 15.5 points out of 18.0 in a certification test by AV-Test last week. www.av-test.org
Symantec is not participating in AV-comparative’s testing this year. In their latest Whole Product Dynamic Real World Protection test, Webroot received a “Tested” rating, with a large number “compromised” files. Webroot received one star (3 is tops) in the March On-demand Detection of Malicious Software test. www.av-comparatives.org . They were last in false positives, twelfth in file detection rate.
Symantec hasn't been participating in Virus Bulletin's VB100 testing. Webroot had false positive issues in that test and failed to receive a VB100 in December 2011 testing (the most recent test they participated in). www.virusbtn.com
Look for updated battle cards to be created. Or not. A Symantec response may be stealthy. This is when marketing gets to be interesting.