Corporate network vulnerability assessed and explained: Kaspersky


Expert Member
Jan 21, 2005
Use of multiple vendor anti-malware solutions (15% of incidents) may lead to a situation where it is hard to mitigate malware attacks. This may occur if one of the vendors does not respond fast enough to attacks. Delays in responses may run to days, weeks or even months. During this time the solution of another vendor would detect and remove malware, but only in its part of the network – and malware would attack it from the unprotected side. Alexey Polyakov concluded, “From our experience we see that security admin spends a lot of time working with multiple vendors’ support services in finding and fixing a problem.”

I always love how anti-virus vendors have the "only our product" mindset. Any corporate running only one anti-virus package should seriously examine their heads. In a couple of corporates the IT admin denies the existence of a virus because their particular scanner does not pick it up. Especially with the "enterprise" editions. My motto is "the more enterprise, the less detect". It is sad that the free version of Malwarebytes can remove nasties that McAfee Enterprise can't even see, but because McAfee has "enterprise" in the name and not Malwarebytes, everybody just has to live with the virus. So any serious enterprise should actually have multiple scanners on their networks (not all on one device) so that they don't have blind spots. Even if it is just a couple of honeypots running different anti-virus software.