Related Resources • Virus Encyclopedia • Glossary of terms

Elsewhere on the Web • AVIEN/AVI-EWS site

In these uncertain times (and what time isn't?), knowledge may well prove to be your strongest asset. Imagine if you could tap into the brains of thousands of IT persons devoted to enterprise security and participate in a virtual think tank with these professionals 24/7. Not only do such groups exist, they can help ensure your systems are far less likely to ever suffer damage from new viruses. Through early warning, advisories, and old-fashioned discussion, AVIEN and AVI-EWS not only help the individual subscribers secure their systems against newly spreading attacks, they help protect non-members as well. Quite simply, such groups help contain threats more quickly, mitigating chances for widespread infection. Not only does each group provide realtime appraisal of threats as they are occuring, the wealth of knowledge and open collaboration allows administrators to quickly take action - providing effective means of actually preventing the infection from spreading further.

Robert Vibert, Administrator of AVIEN and AVI-EWS describes the groups as "two over-lapping communities which have arisen as a result of the increasing need to take a collective and holistic approach to the malware problem. Both provide on-line forums where security issues are discussed in real time and from the prevention perspective. The growth of both communities has been astounding, and the most likely reason for this is that people on the front line have been needing this sort of resource for years." Perhaps John Leyden, in an article for The Register, described it best when he defined AVIEN as "a grassroots organisation representing the interests of corporate users (which) has received a frosty welcome from the anti-virus community." Keywords are "representing the interests of corporate users" - a job which AVIEN does quite well, and while early reception might have been frosty, more and more vendors are joining the AVI-EWS group to the benefit of all. According to a recent press release, AVIEN and AVI-EWS memberships continue to rise and the groups now represent "hundreds of organizations from around the world, representing more than 5 million PCs...since it was formed less than 18 months ago.

"For many years, security specialists working to defend their organizations against attacks from viruses, worms and other forms of malware had essentially two choices if they wanted to learn more about this topic: work in relative isolation or be invited to join a vendor-oriented group," Vibert explains. "The vendor-oriented groups (CARO, REVS, V-FORUM, AVPD, etc.) were designed from the beginning to respond to the need to share information, but membership was usually restricted to those who worked for a software vendor or occasional corporate employees and university researchers who were invited to join to share their insights."

According to Vibert, "For the vast majority of specialists working in large organizations on malware defense, there was little hope of entering that circle. They could read the few books on the subject that were published, try to sift some information out of the noise on USENET groups like alt.comp.virus, take training from vendors, and do their own research. Meanwhile, the complexity of mounting defences grew constantly, as more and more operating systems and networks were subject to malware attack. The birth of AVIEN and then AVI-EWS has resulted in greatly improved response capabilities in many organizations."

Certainly the groups have been instrumental in placing corporate users and vendors on more equal footing. If knowledge is power, and power can be positively or negatively charged, then AVIEN and AVI-EWS are the balance beam that gives corporate IT administrators a leg up against malicious code threats.