Advice Request Adaptive Defence 360

owk688 · Mar 2, 2017

Hi all,

My laptop currently using adaptive defense 360.

I been trying to get my hand on some malware or ransomeware to test my new antimalware solution.

Can i know is there anyone can sent me some sample to test.

Currently my laptop is in lock mode.

Panda claim in lock mode new file cannot be run unless 100% classified as goodware.

So i would like to test the ad360 software.

is there anyone here are using this solutions?

thank you
jeffrey

Janl1992l · Mar 2, 2017

owk688 said:
Hi all,

My laptop currently using adaptive defense 360.

I been trying to get my hand on some malware or ransomeware to test my new antimalware solution.

Can i know is there anyone can sent me some sample to test.

Currently my laptop is in lock mode.

Panda claim in lock mode new file cannot be run unless 100% classified as goodware.

So i would like to test the ad360 software.

is there anyone here are using this solutions?

thank you
jeffrey

Uhm pls dont test it on your live system! If u want to test ur av solutions install a vm,install the av and then test the product. If your testing it on your life system and malware are able to run and u have some rough malware like ransomware ur f..ed up.

Winter Soldier · Mar 2, 2017

Yes, as Janl1992l said, you have to create a malware testing environment using a virtual machine in NAT mode, for testing your security application (AD 360 uses cloud).
NAT mode implies the sharing between host/guest of the physical IP by exposing it to the risk of being contextualized in any network connections made by the malware executed and not detected by your security application.
For this reason, you should use a VPN ( host or guest level) to protect your real IP and by encrypting the connection itself.
As you see testing malware requires suitable environment and a good preparation.

shmu26 · Mar 2, 2017

owk688 said:
Hi all,

My laptop currently using adaptive defense 360.

I been trying to get my hand on some malware or ransomeware to test my new antimalware solution.

Can i know is there anyone can sent me some sample to test.

Currently my laptop is in lock mode.

Panda claim in lock mode new file cannot be run unless 100% classified as goodware.

So i would like to test the ad360 software.

is there anyone here are using this solutions?

thank you
jeffrey

after you have been on this forum for a while, and you have made 100 posts, then you can get access to live malware samples.
But, as mentioned above, there are rules for using these samples. You can't run them straight on your system.
But you could install shadow defender, and then run them. It's pretty close to the real thing.

Emmanuellws · Mar 26, 2017

I am using Panda Adaptive Defense in my laptop...I am the System Admin for my company and proposed Panda Adaptive Defense to my company. We are maintaing more that 900 computers. 300 is with Panda Adaptive Defense, another 600+ machine with Kaspersky will be expiring next year..also will be replaced by Panda AD360. I can say that, I have never felt so confident of any Antivirus except Panda Adaptive Defense...after so many research and POC with many endpoint protection...I have tried so many viruses and malwares in my own laptop from hybrid-analysis.com and none of the samples manage to get away from Panda Adaptive Defense 360 radar. If you understand how the security models works in Panda Adaptive Defense....you will be daring like me to download and test virtually any malware from hybrid-analysis.com. You can test any zero day malware from that website. I assure you, I have tested so many malware...docs, pdf, exe, js,..you name it....all blocked, analyzed, captured, quarantined, deleted...everyday I will check and test in my laptop and ready to suicide...but until today...my machine are still safe and secure. You can test fileless attack files...you can test any flash with malware website... hybrid-analysis.com do have URL listing with malware infection...give it a try and be crazy like me.

Oh..I even tested Petya - harddrive ransomware, Cerberus, Locky....all dead end for the zero-day ransomware and malware that will use fileless attack method.

shmu26 · Mar 26, 2017

Emmanuellws said:
You can test fileless attack files

That does sound interesting. Fileless files.

Emmanuellws · Mar 26, 2017

shmu26 said:
That does sound interesting. Fileless files.

Hehehe...whatever you want to call it...by the way you guys heard of doxware?

Emmanuellws · Mar 26, 2017

I know I have less that 100 post in this forum...but I have tested more than hundreds from hybrid-analysis.com. How can I shortcut access to the malware samples in this websites? At least, I can start share the results from Panda Adaptive Defense 360 if those malwares in this website are totally different from hybrid-analysis.com. And I will test it from my own laptop. I know it is suicide..but I know what I am doing.

francis de lorraine · Mar 26, 2017

Bonjour je comprends pas Emmanuellws qu'il puisse avoir une entière confiance dans ce genre de produit .Aucun antivirus n'est fiable a 100%
pour ma part j'utilise emsisoft internet security il est efficace mais par moment forcément il laissera passer des choses comme TOUTE solution de sécurité

Emmanuellws · Mar 26, 2017

francis de lorraine said:
Bonjour je comprends pas Emmanuellws qu'il puisse avoir une entière confiance dans ce genre de produit .Aucun antivirus n'est fiable a 100%
pour ma part j'utilise emsisoft internet security il est efficace mais par moment forcément il laissera passer des choses comme TOUTE solution de sécurité

I have to use google translate hehehe. Yes, it is impossible to be confident of your own AV. But knowing the security models used by Panda, to have guts in testing real known and unknown malware in my live machine...it takes me a lot to study all kinds of Antivirus and it's techniques.. why traditional AV fails to protect normal users from zero-day malware. When I say, normal users, meaning, IT savvy people will just need a normal AV, but the normal users still get infected with zero-day even when equipped with powerful AV like Kaspersky. So PandaAD360 is solving this problem, to classify all programs and files as goodware, badware, and unknown. Unknown programs will be blocked and checked, thrown into a sandbox and all kinds of test, then classify it. The normal users wont have to do all this, it is all done by the Panda Labs people or the IT administrator. The agent leaves a very small footprint. It is very light. Some products that I have gone through, they even offered remediation of known ransomware attacks. I don't fancy all this, I prefer prevention. What if a zero-day ransomware attack with new encryption algorithm, and you have to wait for the new decryption from the AV for days, weeks or months or even years. Then you have to do data and system recovery again. Why go through al lthe pain when you can prevent it from running at the first place? Panda prevents it from running or to be executed at all. It does not have the chance to be executed at all. If you have tested Voodooshield...its a very similar protection method. Except that Panda uses its Big Data with machine learning database to analyze and classify for all programs and files in your computers plus its traditional antivirus. They also have behaviour protection...why would a document or spreadsheet or a pdf file need to download and execute another file in your computer? I'snt this is abnormal? Why would a flash website behaves so weird by executing another program in your computer? This is what PandaAD360 is looking at...blocking them from running at all. Panda can protect your unprotected software.

Do you want to know why I am confident of this...bcoz our users got hit 6 times from zero-day ransomware...so we investigate, study and found out that user themselves cause the infection no matter what the traditional AV level of protection is. So finally, we found some products that can actually prevent users from repeating their foolish mistakes. Cylance....Carbon Black....Panda Adaptive Defense...Voodooshield...SecureAplus to name a few.

If 100% confident is too much..I give you 99.99 percent on my confident to Panda Adaptive Defense.

Emmanuellws · Mar 26, 2017

owk688 said:
Hi all,

My laptop currently using adaptive defense 360.

I been trying to get my hand on some malware or ransomeware to test my new antimalware solution.

Can i know is there anyone can sent me some sample to test.

Currently my laptop is in lock mode.

Panda claim in lock mode new file cannot be run unless 100% classified as goodware.

So i would like to test the ad360 software.

is there anyone here are using this solutions?

thank you
jeffrey

Hi Jeffrey,

Lock Mode, Report blocking to the computer user - this will block all unknown program regardless it is Internet bourne program or not until it is classified by Panda Labs or the IT Administrator.

Hardening - same as Lock Mode except that only it will block Unknown Internet bourne program.
So Lock Mode is similar to Voodooshield - Lock Mode

You can try download samples from hybrid-analysis.com

Deleted member 178 · Mar 26, 2017

Emmanuellws said:
I am using Panda Adaptive Defense in my laptop...I am the System Admin for my company and proposed Panda Adaptive Defense to my company. We are maintaing more that 900 computers. 300 is with Panda Adaptive Defense, another 600+ machine with Kaspersky will be expiring next year..

You manage a park of 900+ machines and you use AVs? What OS do you use ? Home versions?
Personally, no way as an system admin, i would rely on any AVs for securing my network.
In big corporate park, you must use SRP, group policies, virtualization/rollback systems to lock workstations. AVs are obsolete and now unreliable for corporations. 0-days evolve to quickly for any AVs to catch up , and BB or whatever features an AV may have always requires user input , skills and time, and system admins don't have the luxury of time.
Companies' workstations are supposed to be static system (OS + only the resquired soft for the employees to work), then you lock it from modifications (exception may be required for some departments).

I have tried so many viruses and malwares in my own laptop from hybrid-analysis.com and none of the samples manage to get away from Panda Adaptive Defense 360 radar. If you understand how the security models works in Panda Adaptive Defense....you will be daring like me to download and test virtually any malware from hybrid-analysis.com.

Don't want to ruin your day, but hybrid-analysis.com is well known for their old malware, they are not the best source for fresh malware, and all malware submitted to them are also submitted to Virus Total. so the fact , that you have good results isn't surprising and that without assuming than Panda may uses VT/hybrid-analysis.com database. Once you will have access to our hub, i'm sure you will get fresher malware.

Emmanuellws · Mar 26, 2017

Umbra said:
You manage a park of 900+ machines and you use AVs? What OS do you use ? Home versions?
No way as an system admin, i would rely on any AVs, especially in big corporate park, you must use SRP, group policies, virtualization/rollback systems to lock workstations. AVs are obsolete and unreliable for corporations.
Companies' workstations are supposed to be static system (OS + only the resquired soft for the employees to work), then you lock it from modifications (exception may be required for some departments).

Don't want to ruin your day, but hybrid-analysis.com is well known for their old malware, they are not the best source for fresh malware, and all malware submitted to them are also submitted to Virus Total. so the fact , that you have good results isn't surprising and that without assuming than Panda may uses VT/hybrid-analysis.com database. Once you will have access to our hub, i'm sure you will get fresher malware.

Thanks for clarifying for me about hybrid-analysis.com
However, 900+ machines of Mac and Windows under Active Directory Win Server 2012 with GPO enforced. Protected with Acronis for system rollback. Used to enforced to block all exe and scripts under Users context but that's just overkill. So we used Panda to control device access, programs as well while protecting users from zero-day attacks and malware.

I am pretty confident that PAD360 can block all the viruses and malware samples in this website. Oh and System Rollback wont work for documents and spreadsheets that has been modified before the next backup. That's why we need prevention and not action after infection.

Oh and....if doxware is a future problem....any type of backup won't work....you need total prevention. Ransomware problem plus exposing the data to the public - backup is total useless. Even if you already recovered the data, but the copy of your files and databases is in their server ready to be exposed..you won't be able to do anything unless you can trace their command server and report it to the authority or just simply pay them so they will not expose the data.

And by the way, if we users has less than 100 post in this website, the best and lots of samples so far is only hybrid-analysis.com..right? While waiting to reach for 100 post....so can you suggest a better solution for now while answering to another user's question inquiry on where to download samples?

Emmanuellws · Mar 26, 2017

Hey Umbra,
By the way, if hybrid-analysis.com is not updated with latest and fresh malware...how come this as of now:

I tried launch on my PC...

Panda has not detected it as well yet....BUT...

good news...it failed to launch....another zero day malware failed.

francis de lorraine · Mar 26, 2017

Je continue a penser que l'intelligence artificiel dans un antivirus ne le rends pas plus puissant (ça génère forcèment des faux positifs comme c'est le cas avec cylance par exemple) cette technologie doit être accompagnèe de detections traditionnelle(signature,bloqueur de comportement et cloud )

francis de lorraine · Mar 26, 2017

De mon côté j'utilise un antivirus traditionnel que je nomme emsisoft internet security avec detection par signatures +bb aidé forcément de son cloud et il fonctionne parfaitement bien même avec des 0 days je fais des tests certe parfois des choses passes et plutot des adwares ou des logiciels potentiellemnts indésirables et encore cela reste rare mais ces bestioles ne me compromette pas ma machine et leur désinstallation reste aisée

Amelith Nargothrond · Mar 26, 2017

I knew i should've pay attention to the french classes.

Amelith Nargothrond · Mar 26, 2017

Emmanuellws said:
Hey Umbra,
By the way, if hybrid-analysis.com is not updated with latest and fresh malware...how come this as of now:
View attachment 144313

View attachment 144314

I tried launch on my PC...

Panda has not detected it as well yet....BUT...
View attachment 144315

View attachment 144316

View attachment 144317

View attachment 144318

good news...it failed to launch....another zero day malware failed.

You do realise that this next gen av blocked it because the executable was not whitelisted (permitted to run/execute), right? And not because it was detected as malware...

francis de lorraine · Mar 26, 2017

Hello therefore as an anti executable necessarily

francis de lorraine · Mar 26, 2017

I prefer by far my traditional antivirus with its detection methods

Advice Request Adaptive Defence 360

New Member

Level 14

Level 25

Level 85

Level 3

Level 85

Level 3

Level 3

Level 2

Level 3

Level 3

Deleted member 178

Level 3

Level 3

Level 2

Level 2

Level 12

Level 12

Level 2

Level 2

Similar threads