First published: 30th November 2007
Commtouch Software Ltd., a vendor of email security products, has launched their "Malware Outbreak Center", a website that compares the detection implementation time of 27 anti-virus products against their own detection of the same threat. Products that already detect a threat at the time that Commtouch first detects it are shown as having "zero hour detection".
The site is very interesting for comparing the performance of different anti-virus products, but should not be used to compare those products with Commtouch's products. Firstly, as Commtouch emphasises on its site, its products are specialised for use on email, and they are a complement to, not a replacement for desktop anti-virus products. An email-only tool can look for "things that are not normal in email", rather than the more complicated, "things that might do bad things", so the comparison is not like-for-like. Secondly, as detection by Commtouch is used as the benchmark, no other product can beat Commtouch's score: the best they can do is "zero hour detection", meaning, as good as Commtouch. These two limitations are combined in a third question: what happens if Commtouch gets it "wrong". At the time of writing, the site shows a threat detected by Commtouch on 2nd November 2007 at 07:58 is still undetected by all the anti-virus products, after over ten days delay. No information is given about what this "threat" really is, perhaps it is something not normal in email, but not a threat either.
Testing anti-virus software is difficult, and anything that can give users more information to make informed decisions is to be welcomed.