MITRE Security Tests Reveal Built-in Advantage of First-Gen Antivirus Vendors

Slashdot reader storagedude writes: The MITRE cybersecurity product evaluations use adversarial attack techniques instead of basic malware samples, and as a result are the best tests of enterprise security products - particularly in light of dramatic recent attacks on SolarWinds and Colonial Pipeline. What's especially interesting is just how well first-generation antivirus vendors like Symantec, McAfee and Trend Micro have fared in the MITRE tests. An eSecurity Planet article analyzes the data and speculates on why the old guard may have a built-in advantage over the hot upstarts: "They may have been overshadowed in recent years by some of the flashy marketing of the upstarts, but that long history gives the old guard a product depth that's tough to beat," eSecurity Planet wrote. "Just one example: Symantec was prepared for last year's SolarWinds hack because it long ago faced attacks when hackers tried to disable endpoint agents, a primary vector for the Sunburst malware. "In cybersecurity, experience still counts for something."

Read more of this story at Slashdot.