Is AntiVirus Software Enough Protection?

Posted on by Net Primates

About this video

Released in December 2020, this video explains how traditional AntiVirus (AV) software works, and examines the difference between AV and modern Endpoint Detection and Recovery (EDR) software.

Introduced in the 1980s, traditional antivirus software worked by scanning files and comparing the contents against a library (virus definitions database) of previously identified viruses. These virus definitions databases needed regularly updating, but were always playing catch-up. When a virus pattern was identified, it was blocked/quarantined, preventing it from being run on a particular computer.

As viruses became more sophisticated they became harder to spot, and heuristic detection was introduced to start to match patterns in activity rather than just focus on the contents of files themselves.

At the same time viruses started evolving + mutating, giving rise to the term ‘Zero-Day’, a threat that is so new it hasn’t been seen before and therefore can’t be identified by traditional examination methods alone.

Endpoint Detection & Response (EDR) provides a modern solution to this situation. EDR still examines the content of a given file, but is more interested in seeing how a file behaves.

Does your word document just open in word and show some text, or does it attempt to modify the registry, copy itself to other computers on the network, or connect to the internet to download some files or talk to a command & control server for ransomware purposes?

By closely monitoring what actions a file or process initiates, EDR software offers the ability to block based on suspicious activity, and even to roll-back and un-do any changes that have been applied to a device or filesystem.



Traditional AntiVirus does NOT provide enough protection to your business in the current cyber security climate.


Take away actions on this topic are

  1. Speak to your IT Support Team (internal or external) to see when they last reviewed / upgraded your antivirus software. Does it protect from Ransomware? Can it monitor and roll-back changes made to the system, or just block suspicious/malicious files
  2. Check you’re not just renewing legacy software subscriptions because they keep sending invoices. Is your solution modern, up to date, and fit for purpose?
  3. Consider reviewing options from other vendors, whether EDR specific software solutions if your IT is managed in-house, or discussing what protection another IT provider would recommend if you outsource that role within your business.


For more videos in this series, please subscribe to our youtube channel linked below, or visit

Contact Us if you have any questions on this topic, feedback on how we can improve these videos, or suggestions for future topics you’d like us to cover!

Resources related to this video

Net Primates Videos

Return to our IT & Cyber Security Tips page at

Recent Tips

Cyber Security 101 - Passwords

About this video Exploring the MASSIVE impact that Passwords have on Cyber Security, why theyR...

What to do if your password is hacked or stolen

Summary of the steps outlined in Video Change your password immediately – even if you̵...

Don't reuse passwords! Here is why ...

About this video This video explains problems with reusing passwords across multiple sites / serv...

How to create strong passwords you can actually remember!

About this video A quick & easy to learn, process to generate AND REMEMBER secure passwords f...

What is Multi Factor Authentication (MFA) and why you should use it

About this video This video introduces the recent evolution of Computer Authentication, from basi...