Marcipicus
Newcomer I

CISSP Advice on windows 10 antivirus

Hi there,

 

I'm trying to find out which is the best antivirus software for Windows 10, but all I can find is bull**** sales pitches and comparison sites.

 

So I am looking for someone with a CISSP certification (or someone else with experience) to tell me which antivirus programs are the best.

 

Ideally I don't want to slow my computer down... Just routine virus scans and protection during installation of new programs.

 

Thank you for your help.

13 Replies
JKWiniger
Community Champion

I can't say which I like on Windows 10 because it's been some time, but I can mention a few things. It would be very common for me to have clients on antivirus X for a while, and then there would be an update and it would start killing the CPU. So I would switch to antivirus Y, and after a while the same thing would happen and I would change to a new one yet again. In the past, when I went looking, most top ten sites always listed the same handful as all the others. It wasn't so much marketing as that they simply worked, and yes, once in a while you would find a good one that wasn't on the list. My other go-to is Malwarebytes. I tell people to install that and run it sight unseen, and it normally finds a bunch of stuff...

 

Also, the one I would never go near, was Norton!

 

John-

Marcipicus
Newcomer I

Thank you for your help.

Exactly what I was looking for.

Cheers
Steve-Wilme
Advocate II

There are independent test lab reports you could examine on the products.

See www.av-test.org/en/ for example.

Products tend to leapfrog each other in terms of features and performance, so if it's not a large corporate rollout, it's best to reconsider the alternatives every couple of years.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
rslade
Influencer II


@JKWiniger wrote:

Also, the one I would never go near, was Norton!


Hear, hear!


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Beads
Advocate I

Frankly, I am seeing more major clients simply using Windows Defender from Microsoft and calling it a day. We've added way more than we need at the endpoint, needlessly tying up CPU and memory resources.

 

If you still want a commercial A/V, I suggest looking at one of the NG or Next Generation lightweight products such as CrowdStrike, Cylance or any number of other good products out there. Personally, I stopped paying for A/V about five years ago when I realized it had been back in the 90s when I detected my last at-home virus. Regardless of the product, my other defenses appear to be robust enough to have stopped most everything else.

 

Safe computing and good luck with your decision.

 

- b/eads

ericgeater
Community Champion

I'm here to post another thread about this, because you're asking about AV, and I'm asking about EDR.  We just swapped over to Carbon Black, and I'm now weighing the possibility of removing Symantec Endpoint Protection entirely, because of the reputation CB Defense has.

 

It's roughly the same price annually as Symantec, but apparently it's far more robust than signature-based AV defenses.  I'll be curious if you've looked at EDR.

 

Off to write my other post!

--
"A claim is as good as its veracity."
alkuin_melvin
Viewer II

I agree, we should look more to EDR products rather than simple signature-based AV, as they have more robust performance and capabilities. Just curious: for CB, do you have any experience of performance slowdowns, and how does it compare with other EDR products like Symantec/TM/others?


Regards,

Alkuin Melvin, CISSP, CISA
ericgeater
Community Champion

I'm writing this from home, so my notes from the meeting aren't available... but I called CB's tech support so they could explain the difference between their product and SEP.  CB is a lightweight client because it only scans your PC at installation.  Files are hashed on the PC at scan, and the hashes are uploaded to the cloud in the massive CB database. New software installations also go through the same process.

 

I inferred that it's possible to install malicious software on your PC, but CB stops the execution (or prevents you from running it) if the risk severity demonstrated by the instant hash comparison determines the program is malicious. That being said, it's doing this work with a live internet connection. I can't say what would happen with a PC that's not connected at that moment.

--
"A claim is as good as its veracity."
Brijesh13
Newcomer I

Hi,

As per my suggestion, AV is only the traditional way of fighting against the new threat landscape. It was the old way to find viruses and malicious apps. But now the trend is changing towards technology which can help not only with detection and remediation but also with prevention of such attacks. I think CrowdStrike, Morphisec, etc. are the best in the industry now, and they are the next-gen way of detection and prevention.