In a time when many security analysts are warning enterprises to supplement anti-virus (AV) products overburdened by today's advanced malware attacks with additional application controls, free tools continue to gain market share.
According to a new report out this week from OPSWAT, the use of free anti-virus tools ticked up a few percentage points in the third quarter, to make up 44% of the AV market share. Estimates were figured by OPSWAT, a software management firm that bases its reports on more than 140,000 data points gathered from opt-in scans of endpoints utilizing the firm's application remover software.
OPSWAT reported that in North America, free AV market share paced with global figures, but the vendor dynamics differed slightly. In North America, Microsoft Security essentials far surpassed all other AV product install bases, with 25.3% market share. That's compared with the leader in worldwide AV share, Avast, which had a free AV suite that was nearly neck-and-neck with Microsoft for the top spot globally (13.8% share for the former, vs. 13.6%).
An InformationWeek Reports analysis on endpoint anti-virus and anti=malware suites explained that the ground gained by free products and the general fragmentation of the AV market shows that "there's not a strong correlation" between product price and performance or effectiveness.
"For example, testing by NSS Labs found that Microsoft's product, which is free for small businesses and is often included in existing Microsoft volume license agreements for many enterprises, fared in the upper half of a group of 11 anti-malware products when tested for effectiveness at blocking malware and Web-based, client-side exploits, while having the lowest negative effect on system performance," wrote author Kurt Marko.
The growing usage of free antivirus products may also be attributable to the dawning realization that AV alone can no longer stem the tsunami of targeted attacks designed to thwart just these sorts signature-based protection mechanism. The rationale may be to save on AV and free up funds with additional security layers.
"Traditional antivirus techniques have fought a losing battle for years. Popular hacker exploit kits pounce on new vulnerabilities quickly, while advanced tools such as polymorphic viruses propagate their malicious intents," Chris Sherman, an analyst at Forrester Research, wrote in a blog post earlier this week about anti-virus strategies. "Combined with the fact that anti-virus vendors miss a significant number of the unknown or zero-day threats, many security professionals are left questioning their antivirus-centric approach to endpoint protection."
A security report out last week from Forrester strongly urged enterprises to consider supplementing AV with whitelist application control for maximum endpoint protection.
"Whereas traditional anti-virus technologies laboriously scan every file on the endpoint looking for known bad scripts, whitelisting takes a very different approach and blocks everything except those applications known to be trusted," Sherman said. "This leads to faster endpoint performance and overall better protection against zero-day threats when compared to traditional antivirus techniques."