How to choose an antivirus?

If there is one program essential to any computer, it is a antivirus. Should you only install one software protection on your PC, that would be the one. Recall that the virus are small malicious and hidden programs capable of infecting one or more software present on the computer and which, in a second time, will parasitize the data of the PC. They are called viruses because, like viruses that affect the human body, they spread from one computer to another by replicating themselves.

How does an antivirus work?

As their name suggests, antiviruses are software whose mission is to identify viruses and either eliminate them or quarantine them, in order to prevent them from acting.

Recognize viruses by their signatures

What does a classic antivirus do? It scans each new file that enters the computer — such as when installing a program or receiving an email — to see if it contains code from a known virus. It turns out that many viruses can be identified by a “signature” (a specific type of code). As soon as the antivirus has identified this signature specific to a virus, it eliminates the corresponding file. Sometimes, for want of anything better, he places him in quarantine, in order to prevent him from performing.

Detection using Artificial Intelligence

However, simply identifying a virus signature is not optimal. It assumes that PCs have been infected, that an antivirus editor had to analyze the corresponding code in order to isolate the signature of the virus in question. He was then able to propose an update of the antivirus software integrating the taking into account of this signature. The concern in this situation is that the antivirus intervenes after PCs have been infected. Nowadays, the trend is to use theArtificial intelligence to try to identify the way of operating specific to a virus before it even enters into action.

Moreover, today, viruses are far from being the only threat which can weigh on the computers of a company like an individual. As a result, it is more commonly referred to as malware (from English malware).

In the malware family, I would like the virus

We designate under the generic term of maliciel (malware) all kinds of threats or nuisances that can impact a computer. Malware can be relatively benign, but some are particularly dangerous. In addition to viruses, malware includes:

• the spywares or cookies that spy on your behavior;
• the adwares, free software that occasionally displays banner ads. They are sometimes accused of behaving like spyware;
• the ransomware that encrypt PC or network data – a ransom is demanded to regain access to data. They are the biggest threat to computers today;
• the keyloggers, which spy on the keys pressed on the keyboard, ;
• the hijackers which change the homepage of the Navigator Web, change the default search engine;
• cryptojacking, which consists of diverting the computer power of a PC to mine cryptocurrency ;
• the rootkits, or malware that embeds itself in track 0 of the disc, which makes it particularly difficult to detect;
• worms, which are stand-alone programs which, unlike viruses, do not parasitize particular software but have the ability to self-replicate and therefore slow down the computer’s disk.

Antiviruses evolve regularly in order to take into account, as far as possible, these new types of attack and it is important to check which types of malware they can manage.

Choosing an antivirus: the criteria to take into account

Free or paid?

Some antivirus are free for individuals, others are paid.

Can we be satisfied with a free antivirus? Usually, these are content with basic protection. They track the most common viruses, block dangerous files and can alert you if you visit a questionable site. Windows, since its version 10, includes such a free antivirus, Defender, which provides a quite honorable level of protection. However, the tests carried out by specialized sites such as AV-Test.org show that, overall, the paid versions are rated higher.

Therefore, if your computer is dedicated to a particular use and you regularly operate backups data, you can make do with a free antivirus. If you run a business, paid solutions seem inevitable.

Paid antivirus offers more extensive protection solutions. In particular, they are able to take into account, beyond just viruses, the types of malware mentioned above. The most advanced operate an intelligent analysis of applications rather than just looking for known virus signatures. Sometimes paid antiviruses also use sophisticated malware detection techniques. Finally, some offer computer data backup tools with the ability to restore said data in the event of an unforeseen disaster.

In view of the benefits that can be derived from a good protection program, the criterion of being free should not be taken into account. A quality antivirus can represent a huge saving compared to the damage against which it can protect a network of PCs.

The level of protection

The main criterion for choosing an antivirus is the following: does it offer the best protection against the most diverse nuisances? That is, not only viruses, but other types of malware: malware, spyware, adwares… Of course, it is up to you to determine, depending on the type of data to be protected, the level of protection you want. If the PCs manage activities such as accounting, or inventory, no compromise should be made on this criterion.

As we have already mentioned, the most sophisticated antiviruses strive to detect secondary nuisances such as e-mails from scams (scams) or the sites of phishing (one site imitates another to encourage you to spontaneously deliver confidential information) and also other potential nuisances discussed below.

Le rollback

It is not possible for a company to rule out the risk of a ransomware-type attack. Enterprises such as Saint Gobain or Fleury Michon saw their computer system blocked for several days. And an SME in Clermont, which sold spare parts and had not set up adequate protection for its files, had to put the key under the gate following such an attack.

Faced with such attacks, some professional antivirus vendors offer a “rollback” function: they are able to cancel all operations that have taken place since the ransomware attack and restore files to a state prior to the attack. ‘attack.

EDR or XDR?

The most advanced antiviruses integrate EDR or XDR, i.e. malware detection functions based on theArtificial intelligence. Rather than simply tracking known virus signatures, they track down the slightest indicators of attempted data corruption or other malicious intrusions, in short, any suspicious activity.

What is the difference between EDR and XDR? EDRs (Endpoint Detection and Response — endpoint detection and response) monitor endpoints (computers, servers, tablets, telephones, etc.).

The XDRs (eXtended Detection and Response –extended detection and response) protect not only endpoints, but also email, servers, cloud.

Ease of use

For an individual, a point to take into account is the ease of installation and use, especially if you are new to computers and do not wish to develop a particular skill in it. matter. In the best case, the antivirus operates its work in the background without you ever having to worry about it. The geeks, on the other hand, will find pleasure in being able to configure the options of the antivirus.

Regular update

Since new viruses appear almost every day, the makers of the best antivirus software are on the alert. As soon as a new aggressor is identified, they strive to provide the appropriate response as quickly as possible.

Lightness

One consideration on a somewhat older PC is the “lightness” of the antivirus. Like any program that runs in the background, an antivirus can slow down the computer. It has even happened that an antivirus has such a heavy operating mode, that it came to slow down the overall activity of the PC. Such software that increases the workload of the system is referred to as “bloatware”. So, if your PC is old or has low memory, this factor must be taken into account and that is why antivirus test sites include this criterion.

Real-time protection

Your antivirus software must have a “real-time protection” mode. That is to say, he is able, not only to analyze the Hard disk in order to be able to detect the presence of an antivirus, but also to be able to intercept any unwanted intrusion in real time. An example ? You open an attachment that contains infected software, the antivirus must be able to detect it “on the fly”. This permanent protection mode is present in almost all programs. However, sometimes you have to activate it yourself.

Additional functions

Many antiviruses offer additional functions that some may find very useful:

• a VPN (which hides your IP or identity Internet when surfing the web);
• a parental control, to avoid exposing children to inappropriate sites;
• access protection Wi-Fi (one of the weak links of the Internet);
• monitoring of websites visited with an alert if any of them are known to potentially infect the PC.

Are Macs safe from viruses?

Unlike Windows, macOS does not include antivirus software.

It turns out that if you’re using a Mac — or if your PC’s system is Linux –, the risk of being infected by a virus is much lower than under Windows. The reason is that these systems rely on a software base called Unix, designed from the start to prevent virus infection and spread, which was not the case with Windows.

The user of a Mac or a PC running Linux can therefore generally get by without an antivirus. However, some programmers like to challenge themselves and some viruses have sometimes appeared on these systems, such as Flashback Trojan in 2012 which infected 600,000 computers running MacOS. So if you’re managing high-value information on a MacOS computer, don’t overlook the antivirus option.