When it comes to cybersecurity for small and medium-sized businesses (SMBs), antivirus (AV) protection is one of the simplest and fastest ways to strengthen the organization’s security posture. Though this tool is only one component within a comprehensive security offering, AV solutions provide a critical line of defense against highly destructive cyber threats, including malware and ransomware.
But with a crowded and complex landscape, it can be difficult for an organization to identify a reputable and experienced vendor to meet the business’s specific needs and budget. In this blog post, we review some of the most effective AV software solutions for businesses and provide a short list of what to look for as you evaluate your options.
Antivirus vs Next-Generation Antivirus
As you explore the AV market, one of the first terms you might encounter is Next-Generation Antivirus (NGAV). As the name implies, NGAV tools use advanced technology, such as artificial intelligence and machine learning, as well as the cloud to provide a deeper level of protection.
The main differences between AV and NGAV tools have to do with how the tools operate and what they protect against. Legacy AV protects the organization from known threats – or threats we’ve seen before – by looking for a string of characters, or “signature”, that is associated with specific types of malware.
NGAV, on the other hand, uses more sophisticated prevention methods, such as machine learning, behavioral detection, and artificial intelligence, to detect both known attacks that have a signature, as well as unknown threats that do not. Also, because NGAV tools leverage the cloud, they provide real-time, continuous protection and performance that most AV tools cannot match.
While many companies still offer legacy AV solutions, the industry is well aware of the potential protection and performance shortcomings of these tools. Most consider this approach obsolete as sophisticated attackers consistently find ways to circumvent legacy AV defenses, such as by leveraging fileless attacks that use macros, scripting engines, in-memory execution, etc., to launch attacks.
Bottom line: An AV solution is certainly a helpful tool, but an NGAV solution will provide far stronger, more comprehensive protection.
Checklist: What to look for in an antivirus solution
- Does the solution prevent known and unknown attack vectors, including signatureless and malware-free attacks? (i.e., is the tool a traditional AV solution or NGAV?)
- Does the tool protect the device even when it is offline?
- Does the solution use artificial intelligence (AI), machine learning (ML), heuristics and behavioral analysis to detect advanced attacks and unknown threats?
- Does the tool leverage the cloud to expedite deployment and streamline updating?
- Does the AV solution integrate with other tools and applications within the organization’s technology and security stack?
- Is the tool custom-built for business users?
- How does the solution rank based on independent analyst evaluations from reputable firms like Gartner, IDC, and Forrester?
- How does the tool perform in peer reviews, such as those offered by G2, TrustRadius, and Gartner Peer Insights?
- Has the tool been evaluated according to industry standards such as the MITRE ATT&CK framework, SE Labs Breach Response Test, and AV-TEST?
- Attackers’ use of malware with built-in exploits increased by 27% in 2021.
- The number of droppers used in malware distribution increased by more than 37% in 2021.
- Zero-day exploits were found being used in the wild in 2021 - an all time record high and almost twice as much as 2020.
Bitdefender
Bucharest, Romania | 2001 | www.bitdefender.com
Bitdefender is a Romanian cybersecurity company that offers several tiers of AV solutions, including a free version, for both personal and enterprise use.
- Paid AV packages offer protection across all devices and operating systems, including Windows, macOS, iOS and Android.
- All packages include Bitdefender’s Standard Protection Suite, which provides multi-layered protection, including prevention and detection, against new and existing threats.
- All security features are managed through a single app, which has minimal impact on system performance and the user experience.
- Paid plans begin at $118.99/year for five devices.
- Affordable pricing and flexibility in device coverage make Bitdefender a good solution for small and medium-sized businesses, as well as personal accounts.
Broadcom (previously Symantec)
San Jose, CA | 1961 | www.broadcom.com
Following its acquisition of Symantec in 2019, software company Broadcom offers Symantec Endpoint Security, a multi-tier security software suite for enterprise clients.
- Symantec Endpoint Security is a software package that offers antimalware, intrusion prevention and firewall services for traditional and mobile endpoints, as well as servers, across Windows, Mac, Linux, Windows S Mode, Android and iOS operating systems.
- The solution is deployed via a single agent that supports a variety of IT environments, including cloud, on-premises and hybrid.
- Multilayer attack prevention leverages ML and AI technology to provide real-time protection against file-based and fileless attacks.
- Software packages include a customizable VPN feature to protect network connections and support compliance.
- All endpoints can be managed through a single interface and agent.
- Symantec Endpoint Security is custom-built for enterprise clients.
- Contact Broadcom for pricing information.
CrowdStrike
Austin, TX | 2011 | www.crowdstrike.com
CrowdStrike is a cloud-native cybersecurity company that protects endpoints, cloud workloads, identity, and data. Its robust NGAV and endpoint security solutions are delivered to enterprise and small- and medium-sized businesses as part of its Falcon platform.
- CrowdStrike Falcon® Go is an easy-to-manage NGAV solution that leverages AI and ML to protect against known and unknown attacks, including the latest malware and ransomware threats.
- CrowdStrike Falcon® Go offers continuous protection across major platforms, including Windows, Windows Server, macOS and Linux, and protects all connected devices, even when they are offline.
- As a cloud-native solution, it can be deployed and fully operational within seconds, without any impact to system performance, with no need for on-premises infrastructure or device reboot.
- Falcon Go, which includes the NGAV tool, device control and express support, can be purchased directly online. Pricing starts at $299.99/year for five endpoints; the company offers a free 30-day trial for new customers.
- Flexible pricing tiers and a comprehensive service offering make CrowdStrike an ideal solution for small and medium-sized businesses, as well as enterprise clients.
ESET
Bratislava, Slovakia | 1992 | www.eset.com
ESET is a Slovak software company specializing in cybersecurity. The company provides AV solutions for both business and personal use in more than 200 countries worldwide.
- ESET offers several tiers of protection for all devices across Windows, Mac and Android operating systems.
- Offers a multilayered solution that includes NGAV, as well as endpoint protection platform (EPP) services, to provide prevention, detection and remediation services.
- ESET LiveGrid provides automatic protection against newly detected zero-day threats, such as ransomware and malware, without the need for an update.
- Pricing for enterprise packages starts at $190/year for five devices.
- Flexible pricing plans make ESET a good solution for small- and medium-sized businesses.
Malwarebytes
Santa Clara, CA | 2008 | www.malwarebytes.com
Malwarebytes is a cybersecurity services provider that offers NGAV protection, as well as on-demand scans to remove dormant malware and threat artifacts. The company offers a variety of service tiers, as well as packages for home and enterprise use.
- Offers protection for all devices across all operating systems, including Microsoft Windows, macOS, ChromeOS, Android and iOS.
- For business users, AV software is included as part of Malwarebytes For Teams, which protects business files and data against malware, ransomware, hackers, and emerging threats.
- Software is deployed through a single, low-footprint agent that neutralizes malicious code without impacting device performance.
- All security functions can be accessed from a single dashboard with an intuitive UI to streamline remediation.
- Paid subscriptions start at $45.99/device/year for business clients.
- Flexible and affordable pricing model makes Malwarebytes a strong choice for small- and medium-sized businesses.
McAfee
San Jose, CA | 1987 | www.mcafee.com
McAfee is a security software company best known for its AV solution. The company offers several tiers of service, including a free version for Android and iOS devices, as well as software packages for personal and enterprise use.
- McAfee Total Protection provides real-time, online and offline protection for all devices against known and unknown threats, including malware, ransomware, viruses and trojans.
- As part of the AV software package, all plans include additional privacy services, such as firewall services, VPN, identity monitoring, credit monitoring and password manager.
- Higher-tier plans include $1 million coverage for eligible losses and fees due to identity theft and fraud.
- Paid plans start at $89.99/device/year.
- McAfee is perhaps best known as a consumer solution, but it is also a great choice for enterprise clients.
Microsoft
Redmond, WA | 1975 | www.microsoft.com
Microsoft Defender Antivirus is an antimalware component of Microsoft Windows for Windows PCs. In 2022, Microsoft announced the launch of Microsoft Defender, which offers cross-platform protection for Android, iOS and macOS devices.
- Microsoft Defender Antivirus offers automatic and continuous protection for Windows PCs against malware, ransomware, phishing, spam and other threats.
- Microsoft Defender offers cross-platform protection across all Office 365 workloads with a special focus on email security.
- Microsoft Defender Antivirus is included as a free, standard feature in any Windows PC; it is also included in many Office 365 plans, or as an add-on feature.
- Microsoft Defender is available through Office 365 cloud software purchases; business versions are also available for purchase. Plans start at $2/user/month.
- Microsoft Defender is a strong solution for enterprise clients, particularly those that already have security services from Microsoft.
Palo Alto Networks
Santa Clara, CA | 2005 | www.paloaltonetworks.com
Palo Alto Networks is a cybersecurity company that offers an NGAV solution as part of its Cortex XDR offering.
- Palo Alto Networks leverages AI to identify and block advanced attacks, including zero-day malware, fileless attacks, and script-based attacks, based on exploit techniques, methods and behaviors, as opposed to signatures and files.
- Cloud-based agent deploys instantly and provides immediate protection without the need for on-premises equipment.
- Integrates with other security tools to inspect unknown files and share intelligence across the vendor security stack.
- Option to disable network access or terminate processes on select endpoints to halt the attack path and limit impact.
- While Palo Alto Networks is often cited among analysts as a strong security partner, relatively high deployment and operations costs make this company a suitable solution mainly for enterprise clients.
- Contact Palo Alto Networks for pricing information.
SentinelOne
Mountain View, CA | 2013 | www.sentinelone.com
SentinelOne is a cybersecurity company that offers Singularity Core, a cloud-native NGAV and EPP.
- Singularity Core offers real-time protection across all endpoints, containers, mobile Internet of Things (IoT) and data, whether offline or online, via a single agent.
- Singularity Core is a fully customizable, cloud-first solution that leverages a combination of static AI and behavioral analytics to identify and prevent a variety of attack vectors, including ransomware, known and unknown malware, and trojans.
- Supports all major operating systems, including Windows, macOS and Linux, as well as a variety of IT environments, including cloud, on-premises and hybrid.
- In addition to Singularity Core, SentinelOne offers a full range of security solutions, including an XDR offering, making it a viable choice for enterprise clients that want to implement a robust security toolset.
- Contact SentinelOne for pricing information.
Sophos
Abingdon, UK | 1985 | www.sophos.com
Sophos is a security and hardware company that offers AV solutions for both personal and commercial use.
- Intercept X is an enterprise AV solution from Sophos that combines anti-exploit, anti-ransomware, deep-learning AI and control technology to stop a variety of cyberattacks, including both known and unknown threats, fileless attacks and zero-day threats.
- The tool includes advanced capabilities that identify and prevent malicious encryption techniques used during ransomware attacks.
- Intercept X can be integrated with other Sophos products and services to further strengthen the organization’s security posture.
- Intercept X is available as a free 30-day trial; subscriptions start at $37.07/user/year for up to nine users.
- Sophos solutions are marketed toward enterprise clients and their pricing model reflects steep discounts for companies that operate at scale.
Trend Micro
Tokyo, Japan | 1988 | www.trendmicro.com
Trend Micro offers AV solutions as a standalone service for home use (Antivirus+ Security) as well as through the Apex One endpoint protection platform for enterprise clients.
- Trend Micro’s EPP offers threat detection, investigation and response via a single agent for server, cloud and user endpoints.
- Supports a variety of IT environments, including cloud, on-premises or hybrid, as well as Windows and macOS.
- Platforms leverage high-fidelity machine learning, behavioral analysis and in-memory analysis to protect against a wide range of attack types, including zero-day threats and fileless malware.
- Option to integrate with other solutions from Trend Micro, including XDR capabilities and threat hunting services, as well as third-party tools through a broad API set.
- Free trial available; custom quotes available by request.
- Versatility of services and competitive pricing make Apex One a strong solution for small- and medium-sized businesses.
Webroot
Broomfield, CO | 1997 | www.webroot.com
Webroot is a cybersecurity company that offers a cloud-based AV solution for personal and business use. Webroot’s Business Endpoint Protection platform is a cloud-driven, software-as-a-service (SaaS) security solution custom-built for SMBs.
- Webroot’s Business Endpoint Protection platform offers fully automated endpoint detection, prevention and remediation against a variety of script-based and fileless attacks.
- Lightweight, cloud-based agent deploys in seconds and protects macOS devices, Windows computers and servers, virtualization, terminal servers and Citrix environments, even if the device is offline.
- The platform operates via a centralized, cloud-based console and does not require any on-premises hardware; agent updates automatically in real time via the cloud.
- IT teams can leverage preconfigured templates or customize policies based on organizational needs.
- Paid plans start at $150/year for five devices.
- Webroot’s Business Endpoint Protection is designed and marketed specifically for the SMB segment.