That appears to be the conclusion of a pair of independent tests recently released by NSS Labs.
Back in June of 2008 you may remember there was some noise in the IT press, as Trend Micro was declining to participate in some of the well known anti-malware tests, such as VB100. Our argument at the time, and this still stands today, was that those tests simply do not accurately reflect the threat as our customers encounter it, and as such the results may offer a false sense of security.
The internet has emerged as the most abused attack vector, attacks are multi-variant, multi-protocol, distributed in source (botnets), often targeted in nature and can no longer be defeated by the pattern-matching techniques that have been at the core of security software for so long.
Traditional security product testing has mostly been conducted in an isolated lab environment with a selected list of malware and this does not allow modern security software to perform to the best of its abilities. Trend Micro uses the internet based capabilities of the Smart Protection Network to provide real-time dynamic protection, focusing not just on the malicious file, but the malicious email and web site as well, creating smart correlated rule-sets designed to thwart malicious activity.
This is a threat-centric philosophy not a file-centric one. The aim is to break the chain of infection, or block the threat, as early as possible; looking first at the “exposure layer” or where threats come from and subsequently at the infection layer, or “what the threat does when it arrives”.
Independent and importantly unsponsored testing, from NSS Labs, has just been released that underlines the importance of this new approach. In July and August of this year NSS Labs performed 17 days of 24×7 testing on 9 consumer and 10 enterprise products.
Is Trend Micro’s cloud-client Smart Protection Network ready for prime time? I think the results speak for themselves…
Download the full reports from NSS Labs here