The media recently twisted a modest Imperva study of antivirus effectiveness into a sensationalized industry expose.\n\tOn Monday The New York Times ran a story that said:\u00a0\u201cThe antivirus industry has a dirty little secret: its products are often not very good at stopping viruses.\u201d It based this on a study by Imperva, even though that\u2019s not what Imperva's study said.\n\tFrom the study:\n\t\n\t\t"1. The initial detection rate of a newly created virus is less than 5 percent. Although vendors try to update their detection mechanisms, the initial detection rate of new viruses is nearly zero. We believe that the majority of antivirus products on the market can\u2019t keep up with the rate of virus propagation on the Internet.\n\t\n\t\t2. For certain antivirus vendors, it may take up to four weeks to detect a new virus from the time of the initial scan.\n\t\n\t\t3. The vendors with the best detection capabilities include those with free antivirus packages, Avast and Emsisoft, though they do have a high false positive rate."\n\n\tImperva's study clearly focuses on new viruses, not all viruses. This is something the Times story doesn\u2019t point out until the fifth\u00a0paragraph.\n\t\n\t\t"By the time [antivirus] products are able to block new viruses, it is often too late. \u2026 A new study by Imperva, a data security firm in Redwood City, Calif., and students from the Technion-Israel Institute of Technology is the latest confirmation of this. Amichai Shulman, Imperva\u2019s chief technology officer, and a group of researchers collected and analyzed 82 new computer viruses and put them up against more than 40 antivirus products, made by top companies like Microsoft, Symantec, McAfee and Kaspersky Lab. They found that the initial detection rate was less than 5 percent."\n\n\tWhile new attacks are constantly being developed, the huge numbers of older viruses\u2013which can be detected and stopped\u2013represent just as big a threat. And, by the way, the new viruses eventually become old viruses.\n\tThat\u2019s why the study\u2019s conclusions don\u2019t say anything about not using antivirus programs. They recommend understanding the limitations of these programs and acting accordingly. Those conclusions are:\n\t\n\t\tEnterprises and consumers spend on antivirus is not proportional to its effectiveness\n\t\n\t\tCompliance mandates requiring antivirus should ease up on this obligation\n\t\n\t\tSecurity teams should focus more on identifying aberrant behavior to detect infection\n\n\tLet me be clear: Antivirus software is marketed to make you think it will keep you absolutely safe from everything short of a meteor strike. Consumers often don\u2019t realize the limitations of the programs and that needs to change, either through more honest marketing or better education on the topic by the media. The Times article does not do this.\n\tI hope it wasn\u2019t Imperva\u2019s PR people who oversold the study, but even if they did it\u2019s still the reporter\u2019s fault for going along with it. It is a modest study which is honest enough to include reasonable questions about its methodology at the end. If only the associated news coverage matched that modesty.