
Proper security hygiene can prevent most attacks, not better antivirus software. Proper security hygiene means:

* applying security updates

* enforcing least privilege

* reducing attack surface (e.g. Does your desktop really need open ports?)

* using decent passwords and two-factor authentication when possible

* not reusing passwords in case a place where you used a password is compromised

* not executing code from untrusted sources

* checking whether code from a trusted source is vulnerable to a MITM attack before executing it

* saying no to prompts for elevated privileges unless you can prove to yourself that there is a good reason for them and finding out what caused a prompt for elevated privileges when you see no legitimate reason for it

* wiping a system should you think it might have been compromised and maybe also discarding the hardware just in case firmware was altered, which is what the US government tells US CEOs to do with things that they bring to China

* not providing confidential information (e.g. your password) just because someone claiming to be a trusted party such as IT called asking for it

That last one is how the NSA red team hacked the Pentagon's Joint Staff intelligence directorate when doing penetration testing as part of a "war game" in 1997:

http://www.slate.com/articles/technology/future_tense/2016/0...

That said, there are likely more when thinking about confidentiality (the other half of security), but these are the ones that occur to me when I think about ensuring system integrity.

Anyway, antivirus does not save you if you fail to do any of those things. Anything that could get by all of that would be a zero-day attack where antivirus software is likely to be similarly useless. Not all zero-day attacks can get past all of that (minimal attack surface is awesome). If you are the principal target (like the Pentagon was for the NSA red team), antivirus software has no chance of saving you against a zero-day attack.



