Detection speed in virus alerts

All the virus samples sent to F-Secure are handled by the Anti-Virus Research Team - also known as the Virus Lab. This team of experts receives hundreds of samples every week, each of which is analysed to uncover possible new and unknown viruses. During a typical day, several new viruses or worms are found in the files sent to us by our customers around the world.

F-Secure's Virus Lab is also in charge of shipping out the updates to detect, stop and remove these new viruses. The average weekly number of updates shipped is now around 11 - typically two updates each working day. In order to stop a new virus outbreak before it gets out of hand, the detection needs to be shipped within a few hours of the virus being discovered. The Virus Lab has been putting a lot of effort into making sure our response times are as short as possible.

In order to reach such short reaction times, a big part of the process has been automated and the update delivery mechanism has been optimized for performance. Shortly after we publish a new update through our delivery mechanism, most of our customers receive it and immediately start using the updated definition files.

Our average reaction time in major virus outbreaks has been around 2.5 hours - a figure that is the fastest in the world and with which we are very happy. This time is measured from the moment the first sample of the virus is received by the lab to the moment when the update is published worldwide.

With such reaction times, F-Secure can consistently beat the bigger overseas competitors. Larger size can easily mean more bureaucracy, more fat and slower response. F-Secure wants to stay leaner, meaner, hungrier and beat the big boys at their own game. Independent reports show we do this time and time again.

Let’s illustrate this with one of the largest virus outbreaks of the year, Sobig.F, which started on August 18th.

Let’s see what actually happened:

Tuesday 19th of August 2003
All times listed in GMT (UTC):

06:10    F-Secure receives first sample of Sobig.F
08:43    F-Secure ships an update
09:45    Sobig.F epidemic gets out of hand
10:37    Sophos ships an update
12:53    Symantec ships an update
13:39    Trend ships an update
14:21    McAfee ships an update

These reaction times are confirmed by Messagelabs UK. Messagelabs provides managed security email services to businesses.

The differences in update shipment times do not seem too big. However, they had a huge impact on the end result. Basically, if your company's email gateways began stopping the Sobig.F worm before 10 AM GMT, your organization remained unaffected by the worm. However, if you only received the update after 10 AM, the virus had most likely already entered your internal network, and was already replicating within your local network as well as being sent out to your customers and partners from your systems.

F-Secure Corporation is fully committed to maintaining our excellent track record in fast reaction times and will continue to be the leader in responsiveness.


Author: Mikko Hyppönen, Director, Anti-Virus Research



