Battle In BD-Family, which one has the best proactive heuristic detection and behavioural protection?


Online_Sword

Mar 23, 2015
"BD-Family" in the title refers to the antivirus software that uses Bitdefender's engine.
Please note that this battle only focuses on the proactive heuristic/generic detection and behavioural protection capabilities.
 

jamescv7

Mar 15, 2011
It's really hard to say in terms of heuristics/generic detection and BB protection capabilities, because they are just a backup to help if the traditional/main capabilities fail, and they gather a minimal percentage.

An up-to-date AV should provide very well; also take note that a licensed, borrowed engine varies by agreement, and utilizing signatures is not very effective, therefore an in-house/own engine is implemented as the main purpose.

Anyway, Emsisoft's BB is obtained with cloud reputation, which enhances the ordinary way of detecting suspicious behavior, and without it the detection capabilities are different; the same goes for F-Secure DeepGuard.

The best way to obtain the real engine is from Bitdefender itself, in my personal view, as there are no limits on protection.
 

Deleted member 21043

Hello,

For behaviour blocking I would say that Emsisoft would be at the top based on the amount of features they provide in their behavioural detection. However, that doesn't mean the other products are bad. In my opinion I would then rate GData and BitDefender both in second place. But that's my opinion.

Heuristic detection, on the other hand, that's a separate story. There is no way to really tell which one is better, unless you worked at each different company to compare which one has the better databases and better developed engine. You can try testing each product using the free trial with a lot of samples and then you could see which one has the better detection on the samples you had and which one you prefer to use on your system. However, remember that just because one product has a better detection on a pack of samples does not mean its detection is better than the others generally speaking. For example, Emsisoft have their own engine as well as using the BitDefender engine. Therefore, Emsisoft's engine may pick up threats which BitDefender's engine does not detect. But then BitDefender's engine may pick up threats which Emsisoft's engine may not pick up. See my point?

Each product has its own strengths anyway and other features. For example, Qihoo have a sandbox in their product, whereas currently there is no "sandboxing" tool available in Emsisoft to have an application executed in a virtual environment. As for BitDefender, they have a Parental Controls feature, and parents may benefit from their product as well as having it all linked up to their Antivirus/Internet Security.

On the other hand, one product may have good prevention protection (good behaviour blocker), but bad signature/heuristic detection. It could also be changed round; a product may have good signature/heuristic detection, but be helpless if it misses a sample which is then executed.

Personally, if you were asking this question in the case of "Which one listed should I use?" then I recommend you test out each product and see which one you like best, because only the user can decide. If it was down to me, my first pick from the list would have been Emsisoft, since I know they have good zero-day protection with their behaviour blocker and they have a good and well-managed cloud network to go well and easy with the Behaviour Blocker to enhance the user's protection. Of course other products like BitDefender have their own clouds too, though.

With that being said, no Antivirus is foolproof and, part of the BD-Family or not, there is no "best" Antivirus. User-preference only: http://malwaretips.com/threads/why-there-is-no-best-antivirus-product.44676/

What I prefer or think is my opinion. Of course everyone has their own opinion on a product. ;)

Cheers. ;)
 

Ramona

Qihoo with QVM engine. I got infected with a "Ransom" this week; it is a new version of CTBLocker. None of the so-called top AVs detected it; Qihoo detected the main files and deleted them. I still have half of my files encrypted.

Now I am using Qihoo and I highly recommend it. For me Qihoo 360 Total Security works better than Qihoo 360 Essential; Essential has some issues with high memory usage.
 

Antivirus Tester

Why? Please explain your answer to the rest of us.

Emsisoft is better because Bitdefender incorporates heuristics along with their definitions and the Bitdefender engine, which means Emsisoft is actually Bitdefender with another engine.
 

Deleted member 21043

Emsisoft is better because Bitdefender incorporates heuristics along with their definitions and the Bitdefender engine, which means Emsisoft is actually Bitdefender with another engine.
Ah, I best explain something real quick. I understand what you mean in your post, though.

I do not believe for one second that Emsisoft has the "full" BitDefender engine (so all of their static detection used in the BitDefender product including both the signatures/heuristics). If they did this, then BitDefender would be making business worse for themselves because then everyone would go to the other vendors over them thinking the normal detection is better (not everyone thinks about the other features in security software. A lot of inexperienced users just choose the one they think has a better detection on the general downloads...).

The products may not also give the products using their engine always "up-to-date" versions of the engine, but have delays in-front. This means that the products have some of the BitDefender engine to improve their detection, but do not make it in a way that they entirely end up "taking" all the customers of the company selling off their engine/parts of the engine.

It's like Qihoo using the BitDefender engine. However, I have seen cases where a user has reported that an application detected by BitDefender is undetected by Qihoo when the product is up-to-date. This is an example: BitDefender may have given Qihoo part of the engine or set delays on when they get updates, making BitDefender still in lead of use on their own engine.

Of course without actually working at Emsisoft you won't be able to know the fine details of the agreement between them and BitDefender. If you find a sample undetected by Emsisoft but detected by BitDefender, this will be an example that Emsisoft may not have all of BitDefender's signatures. I cannot comment on this as I do not specifically search for samples which are detected by an engine another product uses but undetected by the product using the engine... But, hopefully this explanation helped you.

Cheers. ;)
 

Alexstrasza

Mar 18, 2015
Regarding what is said above...
The products may not also give the products using their engine always "up-to-date" versions of the engine, but have delays in-front. This means that the products have some of the BitDefender engine to improve their detection, but do not make it in a way that they entirely end up "taking" all the customers of the company selling off their engine/parts of the engine.
There is a delay between the definition updates of BitDefender and other AV vendors using their engine, but not because of any "agreement". This is due to the fact that BD has to distribute the updates to its OEM partners first. With Emsisoft, the delay is about 5 to 10 mins (see Fabian Wosar's post here).

BitDefender did not share their real time protection technologies, so there are still differences between BD itself and other AV vendors that use their engine. So in terms of proactive real time protection it won't be any different whether they use the BD engine or not.
 

aztony

Oct 15, 2013
Avira, AVG, Avast, Kaspersky, ESET, BitDefender.
Interesting, just goes to show no AV is 100% foolproof. I was reading a thread over at Wilders the other day, unrelated, wherein another member who happens to be Chinese living in China made the following comment:
coolcfan said, Regardless of my opinions towards Qihoo the company, I do respect their engineers, especially in tech.
 

hjlbx

Emsisoft is better because Bitdefender incorporates heuristics along with their definitions and the Bitdefender engine, which means Emsisoft is actually Bitdefender with another engine.

Emsisoft's own signatures actually have executable code.

Emsisoft does not use heuristics; the Behavior Blocker looks for a continually-tweaked set of suspicious behaviors.

Emsisoft's Behavior Blocker gives users more concrete, aggregate options than classical HIPS or heuristics.
 

nsm0220

Sep 9, 2013
I say Gdata, because Emsisoft's zero-day protection has been slowly going downhill lately.

Good, but is it good enough? IIRC in one of Malware Test's vids on G Data IS 2015 it left behind an active infection at the end :D
What was the active infection that Gdata left behind in that review?
 