Volume of threat: the AV update deployment bottleneck

Wei Yan Trend Micro
Anthony Arrott Trend Micro


As cyber criminals continue to advance their malware development skills, the security industry has responded with new technologies to combat the new threats. Most recently, however, the cyber criminals have exploited an inherent weakness in the traditional security industry approach to AV protection. As AV solution vendors discover new threats and develop countermeasures, newly acquired threat knowledge must be deployed to all the protected computers and networks. In the last two years, the perpetrators of digital threats have increasingly automated the processes of producing new unique threat variants. On average, over 2,000 new unique malware threats are introduced to the Internet every hour. It now takes less than a week to produce the entire malware output of 2005.

As the flow of new threats increases, the timely deployment of AV pattern files to protected systems all over the world is becoming overwhelmed. Various responses by AV solution vendors to this assault are examined and compared, especially with respect to minimizing deployment delays and network resource utilization costs.


