In recent years, threats to computers have increased. Very large companies have suffered computer attacks that paralyzed their activity for several days. An antivirus is therefore a minimum level of protection. But on what criteria should it be chosen these days?
If there is one program essential to any computer, it is an antivirus. If you were to install only one protection on your computer, that would be the one. Recall that viruses are small, hidden malicious programs capable of infecting one or more programs on the computer and then, in a second stage, parasitizing the PC's data. They are called viruses because, like the viruses that affect the human body, they spread from one computer to another by replicating themselves.
How does an antivirus work?
As their name suggests, antiviruses are software whose mission is to identify viruses and either eliminate them or quarantine them, in order to prevent them from acting.
Recognize viruses by their signatures
What does a classic antivirus do? It scans each new file that enters the computer (for example when a program is installed or an email is received) to see whether it contains code from a known virus. Many viruses can be identified by a "signature", a specific piece of code. As soon as the antivirus has identified the signature specific to a virus, it eliminates the corresponding file. Sometimes, for want of anything better, it places the file in quarantine to prevent it from running.
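The scan-then-quarantine flow described above, as an added example that is not taken from any antivirus product. The signature names, byte patterns and sample files are all constructed for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed signature database: name -> byte pattern (placeholders only;
# real products ship vendor-maintained databases).
SIGNATURES = {
    "Constructed.TestVirus.A": b"\xde\xad\xbe\xefINFECT-ROUTINE-A",
    "Constructed.TestVirus.B": b"X5-CONSTRUCTED-MARKER-B",
}

def match_signature(data: bytes):
    """Return the name of the first signature found in data, or None."""
    for name, pattern in SIGNATURES.items():
        if pattern in data:
            return name
    return None

def scan_and_quarantine(path: Path, quarantine_dir: Path):
    """Scan one file; move it into quarantine if a signature matches."""
    data = path.read_bytes()
    name = match_signature(data)
    if name is None:
        return None
    quarantine_dir.mkdir(parents=True, exist_ok=True)
    # Rename by content hash and make the copy read-only, non-executable.
    target = quarantine_dir / (hashlib.sha256(data).hexdigest() + ".quarantined")
    shutil.move(str(path), str(target))
    target.chmod(0o400)
    return name, target

def demo():
    """Scan three constructed files and return {filename: verdict}."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        samples = {
            "invoice.txt": b"Total due: 120 EUR",
            "setup.bin": b"MZ\x90" + SIGNATURES["Constructed.TestVirus.A"] + b"\x00",
            # A variant whose code is not in the database yet is reported clean.
            "new_variant.bin": b"MZ\x90\xde\xad\xbe\xefINFECT-ROUTINE-C\x00",
        }
        verdicts = {}
        for fname, content in samples.items():
            f = root / fname
            f.write_bytes(content)
            hit = scan_and_quarantine(f, root / "quarantine")
            verdicts[fname] = hit[0] if hit else "clean"
        return verdicts
```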
Detection using Artificial Intelligence
However, simply identifying a virus signature is not optimal. It assumes that PCs have already been infected and that an antivirus vendor has analyzed the corresponding code in order to isolate the signature of the virus in question. The vendor can then release an update of the antivirus software that takes this signature into account. The problem is that the antivirus only intervenes after PCs have been infected. Nowadays, the trend is to use artificial intelligence to try to identify the behavior specific to a virus before it even goes into action.
Moreover, viruses are today far from being the only threat to the computers of companies and individuals alike. As a result, the broader term malware (from the English "malicious software") is now more common.
In the malware family, I would like the virus
The generic term malware covers all kinds of threats that can affect a computer. Malware can be relatively benign, but some of it is particularly dangerous. In addition to viruses, malware includes:
- spyware or cookies that spy on your behavior;
- adware, free software that occasionally displays banner ads. It is sometimes accused of behaving like spyware;
- ransomware, which encrypts PC or network data, after which a ransom is demanded to regain access to the data. It is the biggest threat to computers today;
- keyloggers, which spy on the keys pressed on the keyboard;
- browser hijackers, which change the homepage of the web browser or change the default search engine;
- cryptojacking, which consists of diverting the computing power of a PC to mine cryptocurrency;
- malware that embeds itself in track 0 of the disk, which makes it particularly difficult to detect;
- worms, which are stand-alone programs that, unlike viruses, do not parasitize particular software but have the ability to self-replicate and therefore slow down the computer's disk.
Antiviruses evolve regularly in order to take into account, as far as possible, these new types of attack and it is important to check which types of malware they can manage.
Choosing an antivirus: the criteria to take into account
Free or paid?
Some antivirus programs are free for individuals, others are paid.
Can we be satisfied with a free antivirus? Usually, these provide only basic protection. They track the most common viruses, block dangerous files and can alert you if you visit a questionable site. Windows, since version 10, includes such a free antivirus, Defender, which provides a quite respectable level of protection. However, the tests carried out by specialized sites show that, overall, the paid versions are rated higher.
Therefore, if your computer is dedicated to a particular use and you regularly operatedata, you can make do with a free antivirus. If you run a business, paid solutions seem inevitable.
Paid antivirus programs offer more extensive protection. In particular, they are able to take into account, beyond just viruses, the types of malware mentioned above. The most advanced perform an intelligent analysis rather than just looking for known virus signatures. Sometimes paid antiviruses also use sophisticated malware detection techniques. Finally, some offer data backup tools with the ability to restore the data in the event of an unforeseen disaster.
In view of the benefits that can be derived from a good protection program, the criterion of being free should not be taken into account. A quality antivirus can represent a huge saving compared to the damage against which it can protect a network of PCs.
The level of protection
The main criterion for choosing an antivirus is the following: does it offer the best protection against the most diverse nuisances? That is, not only viruses, but other types of malware: malware, spyware,… Of course, it is up to you to determine, depending on the type of data to be protected, the level of protection you want. If the PCs manage activities such as accounting or inventory, no compromise should be made on this criterion.
As we have already mentioned, the most sophisticated antiviruses strive to detect secondary nuisances such as scam e-mails or sites where one site imitates another to encourage you to hand over confidential information of your own accord, and also other potential nuisances discussed below.
It is not possible for a company to rule out the risk of a ransomware-type attack. Companies such as Saint Gobain or Fleury Michon saw their computer systems blocked for several days. And an SME in Clermont, which sold spare parts and had not set up adequate protection for its files, had to close down following such an attack.
Faced with such attacks, some professional antivirus vendors offer a "rollback" function: they are able to cancel all operations that have taken place since the ransomware attack and restore files to a state prior to the attack.
EDR or XDR?
The most advanced antiviruses integrate EDR or XDR malware detection functions. Rather than simply tracking known virus signatures, they track down the slightest indicators of attempted data corruption or other malicious intrusions, in short, any suspicious activity.
What is the difference between EDR and XDR? EDRs (Endpoint Detection and Response) monitor endpoints (computers, telephones, etc.).
XDRs (eXtended Detection and Response) protect not only endpoints, but also email, servers and the cloud.
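Behavior-based detection of the kind described in this section, shown on the ransomware case as an added example that is not any product's own logic. The event format, process names, thresholds and the entropy heuristic are assumptions chosen for illustration, and the telemetry is constructed.

```python
import math
import os
from collections import Counter, defaultdict, deque

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for encrypted or compressed data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())

def detect_mass_encryption(events, min_files=5, window_s=10.0, min_entropy=7.0):
    """Flag processes that overwrite min_files distinct files with
    high-entropy content inside a sliding window of window_s seconds.
    events: iterable of (timestamp, process, path, written_bytes).
    Returns {process: timestamp of the write that triggered the alert}."""
    recent = defaultdict(deque)   # process -> deque of (timestamp, path)
    alerts = {}
    for ts, proc, path, data in sorted(events, key=lambda e: e[0]):
        if shannon_entropy(data) < min_entropy:
            continue              # plain text and documents score low
        q = recent[proc]
        q.append((ts, path))
        while q and ts - q[0][0] > window_s:
            q.popleft()           # forget writes older than the window
        if proc not in alerts and len({p for _, p in q}) >= min_files:
            alerts[proc] = ts
    return alerts

def constructed_events():
    """Constructed telemetry: an editor, a backup tool, an unknown binary."""
    text = b"Quarterly report draft. " * 40
    events = [(0.0, "editor.exe", "C:/docs/report.docx", text)]
    # The backup tool writes compressed (high-entropy) data, but one file only.
    events.append((1.0, "backup.exe", "D:/backup/archive.zip", os.urandom(1024)))
    # The unknown binary overwrites eight documents within four seconds;
    # random bytes stand in for encrypted content.
    for i in range(8):
        events.append((2.0 + i * 0.5, "unknown.exe",
                       f"C:/docs/file{i}.docx", os.urandom(1024)))
    return events
```

No signature is involved: the unknown binary is flagged on its fifth overwrite, while the editor and the backup tool are left alone.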
Ease of use
For an individual, a point to take into account is the ease of installation and use, especially if you are new to computers and do not wish to develop a particular skill in this area. In the best case, the antivirus does its work in the background without you ever having to worry about it. Others, on the other hand, will enjoy being able to configure the antivirus options.
Since new viruses appear almost every day, the makers of the best antivirus software are on the alert. As soon as a new aggressor is identified, they strive to provide the appropriate response as quickly as possible.
One consideration on a somewhat older PC is the "lightness" of the antivirus. Like any program that runs in the background, an antivirus can slow down the computer. Some antivirus programs have even been heavy enough to slow down the overall activity of the PC. Such software that increases the workload of the system is referred to as "bloatware". So, if your PC is old or has little memory, this factor must be taken into account, which is why antivirus test sites include this criterion.
Your antivirus software must have a "real-time protection" mode. That is to say, it is able not only to scan in order to detect the presence of a virus, but also to intercept any unwanted intrusion in real time. An example? You open an attachment that contains infected software: the antivirus must be able to detect it "on the fly". This permanent protection mode is present in almost all programs. However, sometimes you have to activate it yourself.
Many antiviruses offer additional functions that some may find very useful:
- a VPN (which hides your identity when surfing the web);
- parental control, to avoid exposing children to inappropriate sites;
- access protection (one of the weak links of the Internet);
- monitoring of websites visited with an alert if any of them are known to potentially infect the PC.
Are Macs safe from viruses?
Unlike Windows, macOS does not include antivirus software.
It turns out that if you're using a Mac, or if your PC's system is Linux, the risk of being infected by a virus is much lower than under Windows. The reason is that these systems rely on a software base called Unix, designed from the start to prevent virus infection and spread, which was not the case with Windows.
The user of a Mac or a PC running Linux can therefore generally get by without an antivirus. However, some programmers like to challenge themselves, and malware has sometimes appeared on these systems, such as the Flashback Trojan in 2012, which infected 600,000 computers running macOS. So if you're managing high-value information on a macOS computer, don't overlook the antivirus option.