I am working as a consultant for a company. I just up graded the firewall with a Fortigate and got thier corporate AV working correctly and scanning all the network computers.
The stake holders do not understand why the network was so badly infected after all the scans. I explained it was a combination of issues websites not updated with the latest patches from MS, or their AV is not up date, or there is a mic configuration on the site that allowed an attacker to put miscreant code up ... users surfing to sites that are know exploit sites... ect.
What I would really like is to know about is a web site that I can visit with my browser that will kick the AV into action and show the management what really happens when you go to a site that is infected.