Date Added: Sep 2009
An expanded method for testing AV products is described and demonstrated. The proposed method expands AV product protection scoring from malware file detection rates to include credit for blocking access to the URLs that serve downloaded malware files. This expansion is required because AV vendors have responded to the vast increase in the rate at which new unique malware variants are introduced to the Internet by blocking malware files based on their source URLs. Blocking by malware source provides a faster time-to-protect and utilizes less customer resources in updating threat information to the point of protection.