Microsoft adds brains to security drive

Microsoft announced this week that it is setting up security response and research operations in Ireland and Japan and launched a preview of a new online Malware Protection Center. The efforts are meant to make Microsoft, a security industry newcomer, more competitive.

Mark Miller, Microsoft's director of communications for security response, said on Wednesday: "This is significant. It is part of the globalisation of our research and response effort."

Microsoft is taking on incumbents such as Symantec, McAfee and Trend Micro, the world's top three antivirus companies, to conquer part of the multi-billion dollar security market. Industry watchers say Microsoft has done an impressive job building its security organisation, though the scaffolding has yet to come off.

Andreas Marx, an antivirus software specialist at the University of Magdeburg in Germany, said: "Microsoft is entering a very competitive market and one that is new to them. It will take several more months until Microsoft's products can be directly compared with those offered by Symantec, McAfee and Trend Micro."

Others think it will take much longer.

Andreas Clementi of AV Comparatives, which tests antivirus products, said: "It will take some years, perhaps five, for Microsoft to be up to par. Microsoft's detection rates are still low compared to other products. OneCare today is more of a system utility." Clementi was referring to OneCare's backup and disk clean-up features.

Together with a team in Redmond, Washington, Microsoft's new Europe and Asia research locations will offer round-the-clock coverage of security incidents. Microsoft started selling its Windows Live OneCare consumer antivirus product almost a year ago. Its Forefront Client Security software for businesses is set to ship in the coming weeks.

The security research and response team at Microsoft, as at traditional antivirus providers, investigates and responds to threats. A primary response is developing the "fingerprints" of known threats, called signatures. These are then sent to customers so their machines can be protected against those risks.

Joris Evers writes for CNET News.com