More definitions added in a this week? NOD or KAV?

More definitions added in a this week? NOD or KAV?

How can I see the numbers of definitions KAV add every update? Nod32 we can see in it´s home page... Where can I see the KAV definitions number add in a update?

 

just click on the date you want to know about and it will open up all of the defs added that date. here

 

Well, after analising KAV definitions number, I think NOD32 has very few definitions... why Eset do not add more definitions? Octuber 26 KAv added 103 definitions... NOD32 added only 37 definitions..

Octuber 25 KAV added 108 definitions... NOd32 only 23...etc

 

Number of signatures added should never be representative of malware detection. A vendor can just add one signature and update the engine so that it detects multiple variants of a virus with that signature, or use heuristics to detect even more. Others may prefer to add specialized detection for each variant, possibly for better cleaning/removal of the same.

Therefore, comparing number of signatures is not an "apples-to-apples" comparison in any way.

 

" A vendor can just add one signature and update the engine so that it detects multiple variants of a virus with that signature, or use heuristics to detect even more. Others may prefer to add specialized detection for each variant, possibly for better cleaning/removal of the same."

Are these the case of NOD32?

 

NOD32's users do not see a lot of improvements made behind the scene. If you add one signature for a particular file, only the particular threat will be detected. However, if you add generic signatures (not seen in the update list) an unlimited number of new variants will be detected without needing to add individual signatures for particular threats. That's it. The number of signatures in the database tells almost nothing.

Very theoretically, if it was enough for a particular AV to have 1000 signatures that would cover every single current and future threat (of course, this is utopia), would you choose an AV with 100,000 signatures in the database that would need to add an individual signature for every future threat, or you would decide for an AV with unlimited detection capabilities with zero-time protection? Of course, the real world is totally different so you need to have an AV with both an extensive signature database along with a superb heuristics to detect new threats.

 

Thanks for the explanation...

But is this the case of NOD32? Does Nod32 add more generic signatures than KAV, so that´s why KAV added 103 and nod32 just need to add 37 to be about the same level of protection than KAV?

 

As I said, you see only signatures added for particular threats in an update list. However, there are much more generic signatures added "behind the scene" that you don't see, but they will detect also future variants of other threats not listed in the update list.