What is an Antivirus/Antimalware software:
An antivirus software is originally designed to offer protection against computer viruses (as its name suggests). Given the proliferation of other kinds of malware, antivirus started to provide protection from other computer threats too, such as: Trojans, keyloggers, rootkits, backdoors, phishing attacks or botnets, but limited to the classic ones.
Antivirus is often called an anti-malware program, and people tend to use both terms interchangeably, by mistakenly thinking that antivirus programs can address all types of malware, which is not the case. They cannot detect every type of infection, and can’t protect users against advanced forms of malware, like antimalware software does.
Main features to look for in an antivirus program:
- Virus scanning, which is done in the background, and the scanned file or program will only open once the antivirus program has finished fully scanning the system. Most antivirus programs have a real-time scanning feature which allows to quickly detect the presence of malicious files on your PC.
- Blocks malicious script files and prevent them from running, because they put your computer at risk of being infected with malware.
- Heuristic analysis is a method used at many computer antivirus programs and designed to identify previously unknown computer viruses, as well as new variants of viruses.
- Automatic updates are necessary to track and detect new threats that didn’t exist when the antivirus software was installed.
- Malware removal is important because there are many types of malware out there that can harm your computer. However, many free AV programs might be only limited to detect and block malware, but won’t be able to remove it from an infected computer. For that, you will probably need to purchase a paid version of antivirus or a software program specialized in removing malware.
- Database of known malware which compares each scanned file to the contents of the database.
- Ransomware protection is an added feature included in most of the paid versions of antivirus programs and offered to premium users. Basically, it gives your trusted apps access users’ most important files and documents, while immediately blocks everything else that’s suspicious. For example, here’s how ransomware protection feature works for AVG antivirus program.
- Antivirus might also be packed with phishing protection, vulnerability scan, browser protection, system optimization.
Antimalware abilities can cover a broader software solution, such as anti-spyware, anti-phishing or anti-spam, and is more focused on advanced types of malware threats, such as zero-day malware, quietly exploited by cyber attackers and unknown by traditional antivirus products.
The main features to look for in antimalware software:
- Scan, detect and remove known Trojans, adware, spyware, and other advanced malware
- Acts like a shield and offers second generation malware protection
- Is a malware removal tool
- Automatic software updates to easily identify new online threats
- Traffic filtering for your Internet activity to secure your PC against cyber threats and blocking access to infected servers, PCs.
- Provide online banking security for safer online banking experiences
- Anti-phishing protection is a feature that is focused on detecting and blocking scam and phishing websites.
- Offer security against advanced exploit kits. Here’s a useful guide for non-technical people about the Angler exploit kit, which was one of the most notorious exploit kits used in cyber-attacks in the past years.
- Protect against website involved in malware distribution
- Provides a specialized malware database.
- The type of features you will find in antimalware products can be very different, depending on the security vendor. Features are bundled differently, with more or less focus on proactive security, depending on what the products aim to offer.
Windows Defender, combined with some basic awareness of the current threats is sufficient to keep a machine healthy and clean from malicious software. Apple products also have sufficient security by default, if used correctly.
You always have the option of installing additional third-party antivirus software but it must be done with some research when comes to choosing the vendor. This is because each vendor provides slightly different features (such as password managers) so you should choose based on your extra needs. Fortunately, windows defender can work on par with other third-party software but you should keep in mind this will have an impact on your computer's performance.
In conclusion, you don't have to invest on a third-party antivirus unless you require specific features and an extra layer of security (given that you have enough hardware capacity).
IMPORTANT: For best results,it is essential to keep windows defender and windows in general up to date. You can do that by typing "Windows update" or "Windows Defender settings" in windows' search bar next to the "Start" button.
Controlled Folder Access:
Windows Defender provides a feature called Controlled Folder Access which is a protection measure against Ransomware. This feature lock files and directories on your machine from being changed without permission.