NORTON SMALL BUSINESS

Dating all the way back to 1990, Symantec released its first Norton Antivirus after acquiring Peter Norton Computing. Quickly becoming a household name, Norton was on the forefront of developing heuristic detection which allowed them to quickly stomp out virus variants before they could gain too much momentum. Since then, Norton started to largely coasted off of its notoriety while charging top dollar for a product that seemed to get worse year after year. In recent years, they’ve scrambled to rebuild the product from the ground up, but I can already see them making some of the same mistakes of the past.

Malwarebytes

In 2004, Polish immigrant Marcin Kleczynski got his family computer infected and couldn’t get Norton or McAfee to remove it. I remember those days as being peak decline for the two antivirus giants. After 3 days of trying, Marcin was able to manually remove the infection and shortly after started developing Malwarebyte’s Antimalware. Even from its first version, it was clear to me that it was better than Norton or McAfee at the time and it remained my go-to antivirus for the better part of 15 years. One of the first things you noticed is how lightweight it was – almost to the point where you assumed it would be ineffective. But, time after time it would remove infections that other antiviruses couldn’t. Today, it has maintained the feel of being mostly a home product, although they have scaled up to have teams licensing for larger organizations. Its quality, while still good, has seemed to be frozen in time for the last 5 years. Some of the new services that they offer, such as claiming to delete your personal data from the internet seem absolutely ridiculous to me. We all know the internet never forgets.

Webroot Endpoint Protection

Started in ’97, Webroot has expanded to have offices all around the world. Originally focusing on a narrow problem with Spy Sweeper, they now have an enterprise full protection suite marketed towards MSP’s and IT teams. When it was acquired by Carbonite in 2019, I expected Webroot to slowly follow suit by being a mediocre product that was very successfully marketed. Instead, it has improved marginally. Its effectiveness at stopping malware seems to be about the same, but it no longer slows your computer to a halt. The enterprise dashboard is a little ugly but easy to use and has all the standard features you would expect. Overall, it seems to be a good starting point for a company adopting centralized managed IT solutions.

Trent Micro Small Business

Originally, Trend Micro developed security hardware dongles until Intel contracted them to make security software that they could sell or bundle under its own brand. Shortly afterwards, Novell started bundling Trend Micro with their network operating system. Over the years, Trend Micro has remained popular in the server space but if you are an end user your experience has probably been less than ideal. It’s never been the worst option out there for endpoint protection but it hasn’t exactly been awe-inspiring either. It seems as if the endpoint protection software was just a modification of the server protection software, and of course servers typically have orders of magnitude more RAM, CPU power and storage performance. Not to mention, the path of infection for a server is usually different than and endpoint.

ESET Protect Enterprise

Given that ESET NOD antivirus started under the influence of the Soviet Union where private entrepreneurship was banned, it naturally took some time to gain traction in other parts of the world – particularly the US. As soon as the USSR fell, the founders registered ESET as a privately owned LLC in their native Czechoslovakia. The subsequent 25 years have seen a rise and fall in popularity for ESET. But, it’s fairly lightweight, good with stopping the really bad stuff and the teams licensing is fairly priced and not too difficult to manage. I question its effectiveness with zero-day detections since it seems to be functioning with a classic heuristics model where definitions need to be manually added by their team. Given their roots, their days operating in the US may be numbered as we’ve already seen software such as Kaspersky face bans in the wake of US-Russian tensions.

SentinelOne Control

SentinelOne is an American late comer that showed up in 2013. Their IPO on the NYSE raised $1.2 billion stealing Sprint’s “S” trade symbol after its merger with T-Mobile. Not only have they built out a slick looking front end and an easy-to-use and feature-rich back end, but they are pioneering AI-driven heuristic analysis. I have no doubt that along with the rest of AI it will only continue to get better, but it’s already in a very polished state. Aside from one even where it incorrectly identified Carbonite’s services as malicious (makes me wonder about Carbonite), it’s detected everything perfectly. It does seem to get hung up on quarantining detections sometimes, so you’ll get continuous notifications until you manually deal with the detection, however the detected service is in a non-functioning state while in this loop.