Challenges for young anti-malware products today

Presented at VB2019, Oct. 4, 2019, 10 a.m. (30 minutes)

There are two categories of anti-malware vendors: * Established anti-malware vendors, who are preoccupied with getting the best scores in detection tests and capturing more market share. * Emerging anti-malware vendors, who are trying to understand what they need to do in order to enter the market. This paper is about the second category of companies: those who are trying to enter the market either because they have identified a small market segment which they think they can serve, or simply because they've heard they can make some easy money. None of these emergent companies actually know what it takes to make a ‘real' anti-virus product. They try to enter the market by creating some software that detects malware using a third-party scanning engine and soon realize that things are much more complicated than estimated: they face a multitude of problems they don't understand and realize that there are more who want to see them fail than who are able and willing to help them. In this paper I will discuss some of the challenges emergent anti-malware companies face: * Technical: how do you create an AV product? * Certification: how do you get tested and by whom? * Reputation: how do you establish a good reputation and remain unblocked by the ‘big guys'? * Blacklisting: what happens if you get flagged by some established companies? * Getting along with Microsoft: how do you establish a realistic ‘go-to-market' plan? * Free product: what does it take to make a ‘free' anti-malware product?

Presenters:

• Sorin Mustaca - Sorin Mustaca IT Security Consulting
  Sorin Mustaca Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, has been working in the IT security industry since 2000. Until 2003 he worked at RAV Antivirus (acquired by Microsoft in 2003) and between 2003 and 2014 for Avira, where he was responsible for the known Avira AntiVir products used by over 100 million users worldwide. Since the end of 2014 he has run his own consulting company, Sorin Mustaca IT Security Consulting UG (Hfb), helping companies create security products and improve their chances on the market.

Links:

• https://www.virusbulletin.com/conference/vb2019/abstracts/challenges-young-anti-malware-products-today
• https://www.virusbulletin.com/uploads/pdf/conference_slides/2019/VB2019-Mustaca.pdf

Similar Presentations:

• DEF CON 14 (2006) / Hacking Malware: Offense Is the New Defense
• Black Hat Europe 2019 / Unveiling the Underground World of Anti-Cheats
• DerbyCon 3.0 All in the Family (2013) / The Malware Management Framework, a process you can use to find advanced malware. We found WinNTI with it!