So, let's suppose somebody who is involved with incident response at a typical US public University has collected a few recent malware samples from the compromised machines and then submitted all the samples to VirusTotal for scanning with pretty much ALL current anti-virus and anti-virus-like products.
What do you think the average detection rate (i.e. a malware sample was identified as "something bad") was?
Any guesses? Here are a few numbers to help you choose:
- 100%
- 94%
- 90%
- 70%
- 50%
- 33%
- 22%
- 14%
- 2%
- Something else?
Let the games begin!
UPDATE: answer postedUPDATE2: after much deliberation, I finally replaced anti-virus on my own systems with another technology. Read the details here.