COMODO CYBERSECURITY LAUNCHES ZERO-DAY CHALLENGE TO AV INDUSTRY
Highlights vendor practices, shortcomings of detection and AI; calls for greater transparency
CLIFTON, NJ and Las Vegas, NV – August 7, 2018 – Comodo Cybersecurity, a global leader in threat intelligence and malware cyber defense, today announced the launch of the Comodo Zero-day Challenge. This new initiative highlights the inadequacies of current practices in the anti-virus (AV) industry.
In particular, the Challenge seeks to unmask how AV vendors mislead customers, and the investment community, into believing that detecting massive volumes of out-of-date malware is a substitute for real protection against the thousands of new malware attacks mounted every day. While AV vendors brazenly tout their success, their clients continually suffer data breaches. To support their claims, they hide behind the terms of Google’s VirusTotal program, abusing the collective power of the VirusTotal engine and the community behind it.
In response, Comodo Cybersecurity invites AV end-users in enterprise and small businesses, as well as other members of the endpoint security ecosystem, to submit their malware of choice to the company’s Valkyrie malware verdicting tool and freely share the results.
VIRUSTOTAL AND HOW AV VENDORS ABUSE IT
VirusTotal (www.virustotal.com) is Google’s crowd-sourced virus scanning project. VirusTotal solicits suspect files and URLs and scans them with solutions from over 70 AV tools suppliers. Basic results are shared with submitters and among participating commercial partners (subscribers), who use results to improve their anti-virus software, in theory collectively contributing to the improvement of global IT security. Key to VirusTotal’s ability to attract commercial participants have been the project’s Terms of Service, wherein participants agree not to “use the Service in any way which could infringe the rights or interests of VirusTotal, the Community or any third party, including for example, to prove or disprove a concept or discredit, or bait any actor in the anti-malware space.”
“Subscribing vendors use these terms to conceal the inadequacies of their AV tools and to hide downright deceptive practices,” noted Comodo President and CEO Steve Subar. “VirusTotal is the victim, not the villain, and end-users are exposed to massive amounts of malware as a result.”
Comodo avers that the actual deception is threefold, and that AV suppliers often:
- Lack actual competence in virus detection, riding piggyback on VirusTotal, and depend on the detection capability of others, without acknowledging that dependence
- Overstate and distort the effectiveness of detection, hide misidentification and false positives, trumpet their embrace of AI as a bluff and attempt to “game” tests with repacked viruses and fake malware to overstate their results
- Abuse VirusTotal and other community resources for reporting the supposed efficacy of detection, leveraging a well-intentioned and open portal to support deceptive practices
PROTECTION > DETECTION
Since the appearance of the first computer viruses in the 1980s, anti-virus technology has involved two steps: detect and remediate. “The detect-remediate paradigm has always been an unwinnable paper chase,” added Subar. “Detection and remediation depend on knowledge gleaned from prior encounters with a virus. New viruses, a.k.a. zero-day threats, slip right by blacklist-based AV tech. And thousands of new threats appear every day.
“Detect-Remediate is inherently flawed,” Subar continued. “Effective detection requires vendors to keep virus registries 100% current – an impossible task – and stymied by AI-powered algorithms not being able to distinguish between malicious and benign code 100% of the time.
“Actual protection involves much more than mere detection,” added Subar. “Protection is preemptive and comprehensive, stopping all unknown files before they can damage system resources and user assets. Protection renders both known and unknown malware harmless.”
THE COMODO ZERO-DAY CHALLENGE
Comodo Cybersecurity invites IT end-users, researchers and interested third parties to put Comodo to the test by submitting their chosen malware to the Valkyrie Verdict engine. If they can show that Valkyrie fails to detect actual malware (not bogus benign bait), the company will publicize the submission and add it to their verdicting database. If Valkyrie correctly identifies submissions as malware, Comodo will still publicize the submission, along with your name and photo, as proof of company technology.
VISIT COMODO CYBERSECURITY AT BLACK HAT
Comodo Cybersecurity will be present at this year’s Black Hat USA in Las Vegas, Nevada (booth #1456 and Lobby Lounge) showcasing its innovative cybersecurity platform that renders attacks useless across the LAN, web and cloud. The Comodo ONE platform includes endpoint security, managed detection and response, secure cloud and internet access, and threat intelligence.
ABOUT COMODO CYBERSECURITY
In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo ONE platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Comodo Cybersecurity has experts and analysts in 193 countries, protects 85 million endpoints and serves 200,000 customers globally. Based in Clifton, New Jersey, the company has a 20-year history of protecting the most sensitive data for both businesses and consumers worldwide. For more info, visit comodo.com or our blog. You can also follow us on Twitter (@ComodoDesktop) and LinkedIn. Use the hashtag #ComodoZeroDayChallenge!