What options we have if we would like to use a free cloud-only AV? Here a list of SW I'm aware of: Panda http://www.pandasecurity.com/homeusers/solutions/free-antivirus/ Comodo Cloud AV https://antivirus.comodo.com/cloud-antivirus.php McAfee Cloud AV https://download.mcafee.com/molbin/iss-loc/mfeav/mfeavinstlight.exe Qihoo 360 TS/TSE (they have the option to use Avira and/or Bitdefender offline databases) https://www.360totalsecurity.com/en/features/360-total-security/ https://www.360totalsecurity.com/en/features/360-total-security-essential/ Tencent PC Manager (the TAV version is cloud-only, the normal version comes with Bitdefender offline database) http://www.pcmgr-global.com/ Immunet (it offers the option to use ClamAV offline database) http://www.immunet.com/
What is the use case for cloud-only? Using a light scan engine locally, while sending the heavy lifting up to the cloud computers as APC does, seems like the optimal solution.
Panda is not actually cloud-only. This sounds exactly like the way Avira scans my system, according to my logs. http://www.pandasecurity.com/mediacenter/malware/arguments-against-cloud-based-antivirus/ [this is an old article, but Panda was a pioneer in cloud scanning, so this is still relevant]. "Actually not everything is checked against the cloud. At least with Panda’s implementation of cloud-scanning there are locally installed technologies (heuristics, cache of cloud-detection, goodware cache, etc.) that are able to detect a good deal of malware threats and known good files. All these files are not checked against the cloud. Think about it, once you install the cloud-based antivirus, how many new programs do you install on your computer every day? Not that many, right? Once installed, only new programs copied or trying to run on your computer are checked against the cloud (if they are not detected first by the local technologies). From our beta testing phase we have seen that on average Panda Cloud Antivirus only consumes a few KB of bandwidth per day, less than the typical traditional signature updates."
Comodo Cloud Scanner - https://help.comodo.com/topic-73-1-147-763-.html Malware / Suspicious File Scanner "Comodo Cloud Scanner offers an extremely fast way of finding out whether your computer has viruses, root-kits, worms, spyware, adware, non-trusted processes or suspicious drivers and services. Apart from using a locally installed white-list of trusted executables, CCS also uses a real-time file look-up service to identify malware and suspicious (untrusted) files. The scanner is also great at discovering any hidden processes that are running on your computer – processes which may have been started by malicious software." Perhaps the distinction should be made between signature based vs. signature-free clients, as it seems most AV's today are using some hybrid of cloud computing to detect recent threats?
Well, it's difficult to make a line to separate cloud-only and cloud-assisted AVs... in my opinion, a cloud-only AV doesn't need to download hundreds of Mb of signatures on the user's PC, but maybe it will sync the local cache with the cloud database. So, I think your remark below makes sense
Comodo Cloud has potential, but based on the observations of these Wilders users, it may still need some work ... https://www.wilderssecurity.com/threads/comodo-cloud-antivirus-beta-releases.381221/page-7
Most of those reviews are pretty old. I tested CCAV around 1 year ago and it was terrible, but now I'm using it (instead of Comodo Firewall 10) and it's working really well
I have noticed that AV-Comparatives methodology leaves an AV product's cloud connection active when testing products for malware detection rates. They also run a performance impact test so you can see how the players stack up in that regard. Certainly worth checking out. I think that many AV vendors have realized that relying an a client-only approach is limited by the computing power of the client, and the ability to deliver the latest signatures frequently. By using a cluster of fast servers to process file hashes and to identify the latest emerging threats in real-time, makes a cloud defense superior. But at the same time, I would be worried if those servers became temporarily unreachable, say a network connections was down, or even due to a DNS snafu. I wouldn't want to be defenseless on the local client until the network issues are resolved...
Is Panda really only 2MB big, or is it the installer? Didn't want to to download it, because I hate download.com, don't trust them.
Extract the Self-extracting archive, look into the file Stubinstaller.ini and there you can find the url to the full Download (~65 MB). You can't miss it. Edit: Or download it from known download-sites (see above)
Yes I agree, a completely cloud based AV would be a bad idea. Thanks, quite cool of FileHippo to host the full version, I can't stand those app installers.
Panda appears to be a reasonable hybrid model of cloud based protection. Panda scored very well on the March 2017 "Real World Protection Test", as well as the "Malware Protection Test" at AV-Comparatives. Also of note is the very low false positive rate.
Well I don't want to start anything here, but I would take an academic organization's results first. Tests run by an individual are interesting, but to be taken with a grain of salt.