[AnIdiotOnTheNet]

People apparently disagree, but I'm with you. The idea that antivirus software is actually a worthwhile mitigation tool is a relic from the 90s. Malware defeats antivirus all the time, and sometimes even exploits it directly. Meanwhile, aggressive antivirus software is eating a percentage of every single task you do on your computer, actively impeding your work every second of your day.

The tradeoff is not worth it, in my professional opinion.

[mszcz]

While I wholeheartedly agree with you, I think that putting the horrible piece of shit antivirus software on enterprise boxes is a cover-your-ass tactic. It's required from IT depts to be able to say they followed industry standard practices and did their due diligence to prevent threats, regardless of whether those have any useful, practical effects at all.

My wife has a brand new corp issued Carbon X1 and I can hear it routinely spin fans 100% because of Norton FuckYourCPUandIO (tm) software doing nothing of use besides inducing anger.

[hdjjhhvvhga]

Of course it's not worth it, but in many orgs it's required for compliance. It may change in the future as most people realize it's not that useful, just like NIST changed the rule about password updates.

On the other hand, it might seem useless because malware creators know it's there. Basically all functional pieces of malware have to go through VirusTotal otherwise they won't be effective. But if all orgs dump antivirus software it would be a bit like giving up MMR vaccination in children.

[nix23]

Compliance for the sake of Compliance is just to protect ones ass and has nothing todo with security (aka no one gets fired for buying IBM)

[astura]

Most companies have to have Antivirus anyway, for compliance reasons.

[MonaroVXR]

Depends on what the "anti-virus' does isnt it?