We have been participating in an ESET Proof of Concept (POC), and as part of the test we installed Windows 10 and deployed the ESET Agent. We disabled Windows Defender on both the primary host and VMware host. However, after running malware on the VMware host where the ESET Agent is installed, we found that the ESET server did not detect the malware, as no logs were recorded. Surprisingly, Windows Defender automatically blocked the malware even though Bitdefender was still off. We are wondering what could have gone wrong with the ESET configuration that caused it to miss the malware while Windows Defender was able to detect it.
There could be several reasons why ESET did not detect the malware in your proof of concept (POC) while Windows Defender was able to. One reason could be that the configuration settings of ESET need to be updated or modified to better detect the type of malware you were testing. Additionally, it is possible that the malware was designed to evade detection by ESET specifically, which is not uncommon for advanced malware that is specifically engineered to bypass antivirus software.
Another possibility is that there may have been an issue with the installation or deployment of the ESET Agent or its associated components, such as a misconfiguration or a problem with the implementation process. It is also worth noting that while ESET and Windows Defender are both antivirus solutions, they use different detection technologies that may have varying levels of effectiveness against different types of threats.
To address the issue, it may be helpful to consult with ESET technical support to review the POC configuration and ensure that everything is properly set up for maximum protection against malware. You may also want to consider testing additional malware samples to see if ESET can detect those threats.