Battle Behavioral Blockers: SONAR vs DeepGuard vs System Watcher

Compare list
Symantec Endpoint Security Cloud
Kaspersky Security Cloud Family
F-secure Internet Security
In-depth Comparison





N

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
What the title says, I'm interested only in the Behavioural Blocking component, not the other components of suites which include the said BB components.

Are there any tests on behavioral blockers?

Which BBs work well against scriptors/fileless?
 
  • Like
Reactions: KonradPL, Nevi, oldschool and 5 others
Sort by date Sort by votes
B

BVLon

The Cog in the Machine said:
@BVLon Thank you very much for your detailed explanations and your efforts in testing different BBs. Maybe you can shed some light on G Data and Bullguard.
Click to expand...
I recently tested BullGuard. Their BB is on par with Panda. It's OK, but not like wow and will certainly fail at some point. They also don't have the massive user-base like some othr companies...
I do not see any point why people should go for BullGuard (Bitdefender SDK) and not Bitdefender. I mean, I live in London and they are London-based if that can be a valid reason... UI and performance are awful tho. I would never use or recommend BullGuard.

I need to give GData a long run... I tested it briefly and it did OK... the UI however is ancient.... this is a huge put-off for me.... I will test it soon.
However GData is another Bitdefender-based solution and I don't see a reason why anyone should go for them and not for the highly-praised original. Unless you're a total Gaga over poorly-maintained German software...
 
  • Like
Reactions: Handsome Recluse, Protomartyr, KonradPL and 4 others
Upvote 0 Downvote
B

BVLon

So, in the upcoming week I will test Norton, which is clearly my main solution + 5 others. List the solution that you would like to see tested. Most mentioned ones will be put to a check.

BullGuard and GData are already on the list, as they are all kinda questionable. Emsisoft was tested last night and it blocked 12/12. Since it clearly blocks everything with questionable reputation it was pointless to continue the test. Nothing will get through it, it's more likely to produce a false positive than false negative. That leaves 3 slots for you to choose what you wanna see.
 
Last edited by a moderator:
  • Like
  • Thanks
Reactions: Handsome Recluse, Protomartyr, KonradPL and 3 others
Upvote 0 Downvote
Divine_Barakah

Divine_Barakah

Level 29
Verified
Top Poster
Well-known
May 10, 2019
1,854
BVLon said:
I do not see any point why people should go for BullGuard (Bitdefender SDK) and not Bitdefender
Click to expand...
Bullguard has little issues and is less buggy that Bitdefender. I know that Bitdefender is decent but you're lucky it it runs on your system without issues. I would not use Bitdefender even given the fact it is offered by my ISP.
 
  • Like
Reactions: DDE_Server, KonradPL and oldschool
Upvote 0 Downvote
B

BVLon

SeriousHoax said:
I can't stand Bitdefender mainly for one reason, that is: After detecting and removing a malware you won't be able to see hidden files of your PC till you restart the system. The show hidden file toggle doesn't work and Bitdefender has no intention to fix this. This is almost a 10 years old issue.
Click to expand...
Yeah, I remember this issue in BD 2010. I won’t use them also because they don’t provide proper information about what what exactly it has deleted. Norton tells me all files, folders, registry keys and settings that it had to delete/change. Bitdefender tells me nothing and as analyst it gets difficult for me to measure its performance accurately. I have to go in all folders and through the whole registry...
 
Last edited by a moderator:
  • Like
Reactions: Handsome Recluse, Divine_Barakah, Protomartyr and 3 others
Upvote 0 Downvote
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,633
BVLon said:
Yeah, I remember this issue in BD 2010. I won’t use them also because it doesn’t give proper information about what what exactly it has deleted. Norton tells me all files, folders, registry keys and settings that it had to delete/change. Bitdefender tells me nothing and as analyst it gets difficult for me to measure its performance accurately. I have to go in all folders and through the whole registry...
Click to expand...
I like this about Norton too. It shows almost everything it has deleted. I don't remember any other AV that does this.
Btw, just remembered a regular user of our forum and malware tester told me last year that Norton still can't deal with those classic USB autorun malwares and his/his friend's PC also got infected because of this. Do you have any idea about this?
 
  • Like
Reactions: Divine_Barakah, Protomartyr, BVLon and 1 other person
Upvote 0 Downvote
B

BVLon

SeriousHoax said:
I like this about Norton too. It shows almost everything it has deleted. I don't remember any other AV that does this.
Btw, just remembered a regular user of our forum and malware tester told me last year that Norton still can't deal with those classic USB autorun malwares and his/his friend's PC also got infected because of this. Do you have any idea about this?
Click to expand...
I have downloaded quite a lot of autorun malware for the 13 years that I have used Norton and it has always coped with that. What exactly is the issue?
AVG used to display everything it has deleted, but after Avast acquired them, that was terminated.
 
  • Like
Reactions: Handsome Recluse, Divine_Barakah, Protomartyr and 3 others
Upvote 0 Downvote
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,633
BVLon said:
I have downloaded quite a lot of autorun malware for the 13 years that I have used Norton and it has always coped with that. What exactly is the issue?
AVG used to display everything it has deleted, but after Avast acquired them, that was terminated.
Click to expand...
Oh I don't remember much about AVG anymore. I liked it and their signature names were kind of different from others if I remember correctly. Anyway about Norton, I forgot about the exact issue. I'll ask him if I get a chance.
 
  • Like
Reactions: Divine_Barakah, Protomartyr and KonradPL
Upvote 0 Downvote
E

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
BVLon said:
is autorun malware still a thing lol
Click to expand...
for unknown reasons, norton can't detect USB malwares despite having signatures.
when we perform a manual context scan or copy the malwares to anywhere else in the computer, norton will detect them
that's a bug which has been present since 2013 version when I first noticed it because it made my desktop infected by an ancient virus. Autorun was disabled
some users confirm this bug on the latest versions. Not sure if it's still present now

regardless how good other components are, I never consider norton a good AV. There are many hidden bugs that can affect real-time protection although they sound good and perform well in paper and in tests. Symantec AV is much more reliable
 
Last edited:
  • Like
Reactions: stefanos, Protomartyr, SeriousHoax and 8 others
Upvote 0 Downvote
B

BVLon

Evjl's Rain said:
for unknown reasons, norton can't detect USB malwares despite having signatures.
when we perform a manual context scan or copy the malwares to anywhere else in the computer, norton will detect them
that's a bug which has been present since 2013 version when I first noticed it because it made my desktop infected by an ancient virus. Autorun was disabled
some users confirm this bug on the latest versions. Not sure if it's still present now

regardless how good other components are, I never consider norton a good AV. There are many hidden bugs that can affect real-time protection although they sound good and perform well in paper and in tests. Symantec AV is much more reliable
Click to expand...
That’s an interesting claim. I haven’t seen autorun malware for quite some time, leave alone get my usb devices infected. I gotta test that.
 
  • Like
Reactions: SeriousHoax, Protomartyr, Gandalf_The_Grey and 5 others
Upvote 0 Downvote
B

BVLon

SONAR will be put to a test tomorrow.
malwaretips.com

Q&A - Norton BASH: How it works, questions, weekly testing

Dear all, This thread is all about Norton BASH (Behavioural and Security Heuristics). It is not to compare Norton with others and it is not to comment on other Norton features. I will also be testing BASH against 0-day malware every week at least once and posting the results here. Expect the...
malwaretips.com malwaretips.com
This is the link to the methodology, in case anyone is interested.
 
  • Like
Reactions: Protomartyr, KonradPL, Divine_Barakah and 2 others
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

M
    • Like
    • Thanks
    • +Reputation
  • Question
Battle Ransomware simulator vs 10 AVs
Replies
23
Views
5,086
Battle Archive
miguelang611
M
Trident
    • Like
    • +Reputation
    • Hundred Points
Serious Discussion Harmony Endpoint by Check Point
Replies
677
Views
44,865
Other security for Windows, Mac, Linux
Sandbox Breaker
Sandbox Breaker
Gandalf_The_Grey
    • Like
    • Thanks
AV-Comparatives Malware Protection Test March 2022
Replies
52
Views
5,751
Security Statistics and Reports
Trident
Trident

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top