Advice Request Adaptive Defence 360

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

owk688

New Member
Thread author
Mar 2, 2017
1
Hi all,

My laptop currently using adaptive defense 360.

I been trying to get my hand on some malware or ransomeware to test my new antimalware solution.

Can i know is there anyone can sent me some sample to test.

Currently my laptop is in lock mode.

Panda claim in lock mode new file cannot be run unless 100% classified as goodware.

So i would like to test the ad360 software.

is there anyone here are using this solutions?

thank you
jeffrey
 

Janl1992l

Level 14
Verified
Well-known
Feb 14, 2016
648
Hi all,

My laptop currently using adaptive defense 360.

I been trying to get my hand on some malware or ransomeware to test my new antimalware solution.

Can i know is there anyone can sent me some sample to test.

Currently my laptop is in lock mode.

Panda claim in lock mode new file cannot be run unless 100% classified as goodware.

So i would like to test the ad360 software.

is there anyone here are using this solutions?

thank you
jeffrey
Uhm pls dont test it on your live system! If u want to test ur av solutions install a vm,install the av and then test the product. If your testing it on your life system and malware are able to run and u have some rough malware like ransomware ur f..ed up.
 

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
Yes, as Janl1992l said, you have to create a malware testing environment using a virtual machine in NAT mode, for testing your security application (AD 360 uses cloud).
NAT mode implies the sharing between host/guest of the physical IP by exposing it to the risk of being contextualized in any network connections made by the malware executed and not detected by your security application.
For this reason, you should use a VPN ( host or guest level) to protect your real IP and by encrypting the connection itself.
As you see testing malware requires suitable environment and a good preparation.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Hi all,

My laptop currently using adaptive defense 360.

I been trying to get my hand on some malware or ransomeware to test my new antimalware solution.

Can i know is there anyone can sent me some sample to test.

Currently my laptop is in lock mode.

Panda claim in lock mode new file cannot be run unless 100% classified as goodware.

So i would like to test the ad360 software.

is there anyone here are using this solutions?

thank you
jeffrey
after you have been on this forum for a while, and you have made 100 posts, then you can get access to live malware samples.
But, as mentioned above, there are rules for using these samples. You can't run them straight on your system.
But you could install shadow defender, and then run them. It's pretty close to the real thing.
 

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
I am using Panda Adaptive Defense in my laptop...I am the System Admin for my company and proposed Panda Adaptive Defense to my company. We are maintaing more that 900 computers. 300 is with Panda Adaptive Defense, another 600+ machine with Kaspersky will be expiring next year..also will be replaced by Panda AD360. I can say that, I have never felt so confident of any Antivirus except Panda Adaptive Defense...after so many research and POC with many endpoint protection...I have tried so many viruses and malwares in my own laptop from hybrid-analysis.com and none of the samples manage to get away from Panda Adaptive Defense 360 radar. If you understand how the security models works in Panda Adaptive Defense....you will be daring like me to download and test virtually any malware from hybrid-analysis.com. You can test any zero day malware from that website. I assure you, I have tested so many malware...docs, pdf, exe, js,..you name it....all blocked, analyzed, captured, quarantined, deleted...everyday I will check and test in my laptop and ready to suicide...but until today...my machine are still safe and secure. You can test fileless attack files...you can test any flash with malware website... hybrid-analysis.com do have URL listing with malware infection...give it a try and be crazy like me. :)

Oh..I even tested Petya - harddrive ransomware, Cerberus, Locky....all dead end for the zero-day ransomware and malware that will use fileless attack method.
 
Last edited:

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
I know I have less that 100 post in this forum...but I have tested more than hundreds from hybrid-analysis.com. How can I shortcut access to the malware samples in this websites? At least, I can start share the results from Panda Adaptive Defense 360 if those malwares in this website are totally different from hybrid-analysis.com. And I will test it from my own laptop. I know it is suicide..but I know what I am doing.
 
  • Like
Reactions: Sunshine-boy

francis de lorraine

Level 2
Verified
Mar 19, 2017
69
Bonjour je comprends pas Emmanuellws qu'il puisse avoir une entière confiance dans ce genre de produit .Aucun antivirus n'est fiable a 100%
pour ma part j'utilise emsisoft internet security il est efficace mais par moment forcément il laissera passer des choses comme TOUTE solution de sécurité
 

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
Bonjour je comprends pas Emmanuellws qu'il puisse avoir une entière confiance dans ce genre de produit .Aucun antivirus n'est fiable a 100%
pour ma part j'utilise emsisoft internet security il est efficace mais par moment forcément il laissera passer des choses comme TOUTE solution de sécurité

I have to use google translate hehehe. Yes, it is impossible to be confident of your own AV. But knowing the security models used by Panda, to have guts in testing real known and unknown malware in my live machine...it takes me a lot to study all kinds of Antivirus and it's techniques.. why traditional AV fails to protect normal users from zero-day malware. When I say, normal users, meaning, IT savvy people will just need a normal AV, but the normal users still get infected with zero-day even when equipped with powerful AV like Kaspersky. So PandaAD360 is solving this problem, to classify all programs and files as goodware, badware, and unknown. Unknown programs will be blocked and checked, thrown into a sandbox and all kinds of test, then classify it. The normal users wont have to do all this, it is all done by the Panda Labs people or the IT administrator. The agent leaves a very small footprint. It is very light. Some products that I have gone through, they even offered remediation of known ransomware attacks. I don't fancy all this, I prefer prevention. What if a zero-day ransomware attack with new encryption algorithm, and you have to wait for the new decryption from the AV for days, weeks or months or even years. Then you have to do data and system recovery again. Why go through al lthe pain when you can prevent it from running at the first place? Panda prevents it from running or to be executed at all. It does not have the chance to be executed at all. If you have tested Voodooshield...its a very similar protection method. Except that Panda uses its Big Data with machine learning database to analyze and classify for all programs and files in your computers plus its traditional antivirus. They also have behaviour protection...why would a document or spreadsheet or a pdf file need to download and execute another file in your computer? I'snt this is abnormal? Why would a flash website behaves so weird by executing another program in your computer? This is what PandaAD360 is looking at...blocking them from running at all. Panda can protect your unprotected software.

Do you want to know why I am confident of this...bcoz our users got hit 6 times from zero-day ransomware...so we investigate, study and found out that user themselves cause the infection no matter what the traditional AV level of protection is. So finally, we found some products that can actually prevent users from repeating their foolish mistakes. Cylance....Carbon Black....Panda Adaptive Defense...Voodooshield...SecureAplus to name a few.

If 100% confident is too much..I give you 99.99 percent on my confident to Panda Adaptive Defense.
 
Last edited:

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
Hi all,

My laptop currently using adaptive defense 360.

I been trying to get my hand on some malware or ransomeware to test my new antimalware solution.

Can i know is there anyone can sent me some sample to test.

Currently my laptop is in lock mode.

Panda claim in lock mode new file cannot be run unless 100% classified as goodware.

So i would like to test the ad360 software.

is there anyone here are using this solutions?

thank you
jeffrey

Hi Jeffrey,

Lock Mode, Report blocking to the computer user - this will block all unknown program regardless it is Internet bourne program or not until it is classified by Panda Labs or the IT Administrator.

Hardening - same as Lock Mode except that only it will block Unknown Internet bourne program.
So Lock Mode is similar to Voodooshield - Lock Mode

You can try download samples from hybrid-analysis.com
 
  • Like
Reactions: Sunshine-boy
D

Deleted member 178

I am using Panda Adaptive Defense in my laptop...I am the System Admin for my company and proposed Panda Adaptive Defense to my company. We are maintaing more that 900 computers. 300 is with Panda Adaptive Defense, another 600+ machine with Kaspersky will be expiring next year..
You manage a park of 900+ machines and you use AVs? What OS do you use ? Home versions?
Personally, no way as an system admin, i would rely on any AVs for securing my network.
In big corporate park, you must use SRP, group policies, virtualization/rollback systems to lock workstations. AVs are obsolete and now unreliable for corporations. 0-days evolve to quickly for any AVs to catch up , and BB or whatever features an AV may have always requires user input , skills and time, and system admins don't have the luxury of time.
Companies' workstations are supposed to be static system (OS + only the resquired soft for the employees to work), then you lock it from modifications (exception may be required for some departments).

I have tried so many viruses and malwares in my own laptop from hybrid-analysis.com and none of the samples manage to get away from Panda Adaptive Defense 360 radar. If you understand how the security models works in Panda Adaptive Defense....you will be daring like me to download and test virtually any malware from hybrid-analysis.com.
Don't want to ruin your day, but hybrid-analysis.com is well known for their old malware, they are not the best source for fresh malware, and all malware submitted to them are also submitted to Virus Total. so the fact , that you have good results isn't surprising and that without assuming than Panda may uses VT/hybrid-analysis.com database. Once you will have access to our hub, i'm sure you will get fresher malware.
 
Last edited by a moderator:

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
You manage a park of 900+ machines and you use AVs? What OS do you use ? Home versions?
No way as an system admin, i would rely on any AVs, especially in big corporate park, you must use SRP, group policies, virtualization/rollback systems to lock workstations. AVs are obsolete and unreliable for corporations.
Companies' workstations are supposed to be static system (OS + only the resquired soft for the employees to work), then you lock it from modifications (exception may be required for some departments).


Don't want to ruin your day, but hybrid-analysis.com is well known for their old malware, they are not the best source for fresh malware, and all malware submitted to them are also submitted to Virus Total. so the fact , that you have good results isn't surprising and that without assuming than Panda may uses VT/hybrid-analysis.com database. Once you will have access to our hub, i'm sure you will get fresher malware.

Thanks for clarifying for me about hybrid-analysis.com
However, 900+ machines of Mac and Windows under Active Directory Win Server 2012 with GPO enforced. Protected with Acronis for system rollback. Used to enforced to block all exe and scripts under Users context but that's just overkill. So we used Panda to control device access, programs as well while protecting users from zero-day attacks and malware.

I am pretty confident that PAD360 can block all the viruses and malware samples in this website. Oh and System Rollback wont work for documents and spreadsheets that has been modified before the next backup. That's why we need prevention and not action after infection.

Oh and....if doxware is a future problem....any type of backup won't work....you need total prevention. Ransomware problem plus exposing the data to the public - backup is total useless. Even if you already recovered the data, but the copy of your files and databases is in their server ready to be exposed..you won't be able to do anything unless you can trace their command server and report it to the authority or just simply pay them so they will not expose the data.

And by the way, if we users has less than 100 post in this website, the best and lots of samples so far is only hybrid-analysis.com..right? While waiting to reach for 100 post....so can you suggest a better solution for now while answering to another user's question inquiry on where to download samples?
 
Last edited:
  • Like
Reactions: sunshineboy

Emmanuellws

Level 3
Verified
Mar 11, 2017
132
Hey Umbra,
By the way, if hybrid-analysis.com is not updated with latest and fresh malware...how come this as of now:
upload_2017-3-27_2-55-56.png


upload_2017-3-27_2-56-18.png


I tried launch on my PC...

Panda has not detected it as well yet....BUT...
upload_2017-3-27_2-58-5.png


upload_2017-3-27_2-59-47.png


upload_2017-3-27_3-0-47.png


upload_2017-3-27_3-1-21.png


good news...it failed to launch....another zero day malware failed.
 
  • Like
Reactions: sunshineboy

francis de lorraine

Level 2
Verified
Mar 19, 2017
69
Je continue a penser que l'intelligence artificiel dans un antivirus ne le rends pas plus puissant (ça génère forcèment des faux positifs comme c'est le cas avec cylance par exemple) cette technologie doit être accompagnèe de detections traditionnelle(signature,bloqueur de comportement et cloud )
 

francis de lorraine

Level 2
Verified
Mar 19, 2017
69
De mon côté j'utilise un antivirus traditionnel que je nomme emsisoft internet security avec detection par signatures +bb aidé forcément de son cloud et il fonctionne parfaitement bien même avec des 0 days je fais des tests certe parfois des choses passes et plutot des adwares ou des logiciels potentiellemnts indésirables et encore cela reste rare mais ces bestioles ne me compromette pas ma machine et leur désinstallation reste aisée
 

Amelith Nargothrond

Level 12
Verified
Top Poster
Well-known
Mar 22, 2017
587
Hey Umbra,
By the way, if hybrid-analysis.com is not updated with latest and fresh malware...how come this as of now:
View attachment 144313

View attachment 144314

I tried launch on my PC...

Panda has not detected it as well yet....BUT...
View attachment 144315

View attachment 144316

View attachment 144317

View attachment 144318

good news...it failed to launch....another zero day malware failed.


You do realise that this next gen av blocked it because the executable was not whitelisted (permitted to run/execute), right? And not because it was detected as malware...

288291b1913c42f59c3b5c237f635cf5.png
 
  • Like
Reactions: Deleted member 178
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top