Challenges for young anti-malware products today

Friday 4 October 10:00 - 10:30, Red room

Sorin Mustaca (Sorin Mustaca IT Security Consulting)



There are two categories of anti-malware vendors:

  • Established anti-malware vendors, who are preoccupied with getting the best scores in detection tests and capturing more market share.
  • Emerging anti-malware vendors, who are trying to understand what they need to do in order to enter the market.

This paper is about the second category of companies: those who are trying to enter the market either because they have identified a small market segment which they think they can serve, or simply because they’ve heard they can make some easy money. None of these emergent companies actually know what it takes to make a ‘real’ anti-virus product. They try to enter the market by creating some software that detects malware using a third-party scanning engine and soon realize that things are much more complicated than estimated: they face a multitude of problems they don’t understand and realize that there are more who want to see them fail than who are able and willing to help them.

In this paper I will discuss some of the challenges emergent anti-malware companies face:

  • Technical: how do you create an AV product?
  • Certification: how do you get tested and by whom?
  • Reputation: how do you establish a good reputation and remain unblocked by the ‘big guys’?
  • Blacklisting: what happens if you get flagged by some established companies?
  • Getting along with Microsoft: how do you establish a realistic ‘go-to-market’ plan?
  • Free product: what does it take to make a ‘free’ anti-malware product?

 


Sorin Mustaca

Sorin Mustaca, (ISC)² CSSLP, CompTIA Security+ and Project+, has been working in the IT security industry since 2000. Until 2003 he worked at RAV Antivirus (acquired by Microsoft in 2003), and between 2003 and 2014 he worked for Avira, where he was responsible for the well-known Avira AntiVir products used by over 100 million users worldwide.

Since the end of 2014 he has run his own consulting company, Sorin Mustaca IT Security Consulting UG (Hfb), helping companies create security products and improve their chances on the market.

