It’s good to see that at last some alternatives to traditional AV endpoint protection are gaining traction. A lot of the questions I was asked at the show were to compare Webroot to other exhibitors who were making similar claims. (But because we lead the Predict, Prevent, Detect, and Respond model there are really no true one to one comparisons. There is however a lot of plagiarism on our market positioning, which I take as an indirect compliment, as does my CMO).

My primary concern now is efficacy, just how good are other solutions at stopping attacks and infections? The other vendors have little or no track record and are in light use. Nor do Webroot or I really care about a kill chain, it’s too damn late if you’re looking at a kill chain. As the Financial Services industry keep saying your investment may well go up or down.

Another annoyance I and the people I talked to have is that there is also no real ‘independent’ testing of next generation AV. We have tried unsuccessfully for over three years to get endpoint tests by all the ‘big’ testers updated. But, there is too much self-interest in their keeping things the same. That’s a shame, as their credibility is truly shot as any security professional sees day in and day out the disconnect between 100% detection test results and their real-life infection rates.

Perhaps the most surprising event (given other infamous events) was the pertinence of John McAfee’s speech quickly followed by the weaknesses in Android being at last partly admitted in Public. Google are willing to let you share your full contacts with a flashlight app and still don’t see any issues. Yet the people who say “don’t worry you’ve nothing to fear if you’ve nothing to hide” are all the actors I want to stay as far away from as possible – as they are ALWAYS up to no good.

So what now after Black Hat 2015? Are we turning failure into success? I’m afraid the answer is still no. Commercial, Government and Hacker interests are still harmoniously aligned and we will not see success until they are hoisted on their own petard. Frankly that cannot come soon enough (as long as they don’t take us all down with them).

George Anderson

About the Author

George Anderson

Director, Product Marketing

George has spent the past 20 years in the IT Security industry in roles for Computacenter (Europe’s leading systems integrator), global product marketing lead for Clearswift (a data loss prevention, email and web security vendor) and for the past 9 years with Webroot where he is currently responsible for product marketing for their business security division – Endpoint and DNS Protection and Webroot Security Awareness Training.

Share This