'I am not a numero!': assessing global security threat levels

Bryan Lu Fortinet

Late last year Gartner analyst Greg Young wrote a blog post about the varying worldwide security threat levels as indicated in vendor online threat centres. He pointed out that, since global vendors are likely to detect the same active threats, they should post the same threat levels. However, vendors use different scale factors with conditions ranging from one to four or levels ranging from one to nine. Other vendors do not even provide threat levels on their public websites - possibly because they are providing details directly to their enterprise users or because they have no precise way of assigning public levels. Sadly, the threat level posting is proving to be more of a marketing add-on than a tool for security awareness.

Threat level is not just a number. This paper exposes the computation and logic behind threat levels and covers the three different security threat categories (virus/spyware, spam and vulnerabilities) that are different in nature. It will also touch on the complex formula affecting current threat levels. After all, the security community needs a standard way of assigning threat levels so it is transparent and helpful to end users.

VB Conferences

VB2011 (Barcelona)

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)

‘This was my first attendance at a Virus Bulletin conference and I found it extremely worthwhile - excellent speakers, good discussions, valuable networking and generally a decent educational venue.’

Quick Links

Poll

When do you install software updates?
Leave a comment
View 12 comments

virusbtn: RT @emailsecmatters: The typical spam message has sources as diverse as the spam lunch meat: http://ht.ly/2yucd
2 hours ago

virusbtn: Can anyone write a rap about our RAP tests (http://bit.ly/255ySQ) and submit it to the Symantec competition http://bit.ly/bOJg8r
5 hours ago

VB100 certification

With another epic haul of 54 products to test this month, the VB test team could have done without the bad behaviour of a number of products: terrible product design, lack of accountability for activities, blatant false alarms in major software, numerous problems detecting the WildList set, and some horrendous instability under pressure. Happily, there were also some good performances to balance things out. John Hawes has the details.
See full results.

Virus Bulletin currently has 208,224 registered users.

Fighting malware and spam