This week, CoreTrace announced the latest version of our award-winning application whitelisting product, BOUNCER. In a seemingly unrelated note, Microsoft officially launched the beta version of its free antivirus offering, Microsoft Security Essentials (MSE, previously code-named “Morro”).
Seemingly unrelated, and yet completely related.
The natural tendency is to dive into MSE and compare it feature-by-feature against the incumbent heavyweights of the blacklisting antivirus game. Already, reviewers and users alike are creating analyses and reviews of important attributes like scan time, blacklist size, performance impacts, etc.
These well-intentioned folks are missing the forest for the trees – just as folks have done at every tipping point in technology history (c.f., the horse-drawn carriage business in the early 1900s).
Simply put, Microsoft offering free antivirus is not the beginning of anything; it signals the official ending of the blacklisting era. It is the ‘jump the shark’ moment, to put it into popular lingo. Microsoft has now set the value of blacklisting protection at zero – because it is so fundamentally broken, that it is not even worth a penny.
Conversely, many security professionals are now touting application whitelisting as the future of antivirus. One leading analyst recently stated flatly that application whitelisting is “the last hope of security.” CoreTrace agrees wholeheartedly with that opinion. We believe that application whitelisting will be the primary anti-malware prevention technique going forward – and that blacklisting will be relegated into more reactive roles like cleanup. Preventing problems is worth real money; dealing with the cleanup is worth far, far less. Microsoft seems to place the value at zero.