Antivirus (AV)
Antivirus detects and removes known malware using signatures and behavioral techniques.
Updated: 2026-03-05
Definition
Antivirus (AV) is endpoint security software that detects, quarantines, and removes malicious files.
Modern AV often combines signatures with heuristic and behavioral detection, but it is usually less focused on investigation and response than endpoint detection and response (EDR).
Key points
- Best for known malware and common threats
- Often combines signature and heuristic detection
- EDR typically adds deeper telemetry and response workflows
Common mistakes
- Assuming AV alone is enough for modern targeted attacks.
- Disabling AV for performance and forgetting to re-enable it.