- Oct 16, 2020
Amongst all players on the Windows malware protection field, there are three that really stand out and make a bold statement of being the best.
Independent tests, whilst of questionable reliability, consistently point to three contenders - Kaspersky, ESET and Bitdefender.
These products have been widely recognised for their accurate protection with a low number of false positives and all that, whilst maintaining low system impact.
Each one of them has a huge user base, with Kaspersky's engine also powering all Check Point + ZoneAlarm products and Bitdefender's engine powering products such as Bullguard, GData, Qihoo 360, Total Defence, paid versions of Immunet and perhaps many others I don't even know of. ESET is already behind Google Chrome's Safe Browsing Platform.
I have not given Kaspersky the proper try it deserves, so I will not include it in a comparison for now, but how do Bitdefender and ESET stack up against each other?
Let's explore some key differences between two of the best products on the market.
Both Bitdefender and ESET achieve a great level of protection against many of today's dangers, such as ransomware, phishing and sophisticated threats.
They do it in a very similar way - through an infusion of top-quality standard antivirus (definitions, heuristics, static machine learning and emulation) combined with accurate web blocking. Web blocking, apart from stopping threats in the browser, blocks suspicious connections in all apps, thus blocking malware from downloading additional nastiness and bots from receiving their scripts.
ESET's 0-day protection, however, is really centred around the presence of HIPS. The company's focus falls on reducing false positives and preserving performance, so features such as Ransomware Remediation (file journaling) are not implemented. HIPS comes in a few modes - automatic, smart, policy-based, interactive and learning mode.
In my experience with the products, all of these modes have proven to be useless.
The automatic mode, with all the malware I tested it against, was like no HIPS whatsoever and I never saw it in action.
Smart mode was more or less the same.
Interactive mode was hell - hover your mouse pointer over a program and it will give you n number of prompts whether Synaptics Pointing Device is allowed to access an app. Close that prompt and there are many more to come about various Windows services. This is not an experience users seek and deserve in this day and age. It was the Panda way of doing it in 2006.
Policy-based might have been great, had the company put in the effort to develop "policy packages" that users could deploy. The company expects you to either sit down and start configuring rules, or use learning mode. This mode will automatically generate policies for a given amount of time, assuming your system is totally clean. Any deviation from the set standard will be considered malicious and blocked.
This is not a great way of doing it either, as it might result in all kinds of software breakages or failures.
HIPS contains several extensions, such as Ransomware Shield, Deep Behavioural Inspection and Memory Scanner, but none of them managed to prove effective in my tests.
Bitdefender's 0-day protection is centred around Advanced Threat Defence. This system was first released with the 2009 edition of Bitdefender and was named Active Virus Control.
It used to be complemented by an Intrusion Detection System (exploit blocking) and both components had sliders users could use to adjust the aggressiveness. Active Virus Control was then renamed to Active Threat Control and today both IDS and ATC have been combined in ATD.
The system now includes an extension - ransomware remediation that copies files before they are encrypted. In my tests, whilst this has not always been 100% effective, it was far more effective than ESET's anti-ransomware capabilities. ATD is a far more effective and automated approach than HIPS and overall, Bitdefender feels far more intelligent.
In my tests, it has been almost impossible to bypass ATD and even if you do, it won't take long before it kicks in and starts remediation.
Bitdefender offers far better IPS capabilities than ESET. The product blocks websites with expired certificates and common network attacks. I never saw ESET's alleged Intrusion Detection System in action.
In the light of the above, I believe Bitdefender is the clear winner here.
I was looking for a stop/djvu ransomware decryptor recently and ESET recognised the ransomware note, which was copied on the page for demonstration purposes. It detected ransomware in the Google cache and deleted it. I then copied the note in a simple txt file and ESET removed that too.
Bitdefender doesn't always go as far as removing ransomware notes. However, when I did registry entries pointing to malware files or containing PowerShell code, fake services and scheduled tasks, Bitdefender always removed the threats entirely. ESET blocks the malware from running, but the roots, if I can call them that way, still remain. This causes an infinite loop of malware attempting to run and being blocked. It's not a great experience.
Bitdefender has apparently listened to my feedback about scheduled tasks - the product was not deleting those until I contacted support with a complaint once.
ESET's engine, however, feels a lot faster. Extracting a threat from an archive takes 1-2 seconds before the file is visually gone and a popup informs me it is malicious. Bitdefender's remediation process feels a bit slower.
In terms of malware removal, it's hard to tell who the winner is, but from my experience, I am more inclined to crown Bitdefender the winner here.
I believe we all know the winner here, without even discussing it.
Neither Bitdefender nor ESET has caused any slowdowns in day-to-day usage, but ESET's engine is a lot lighter - Bitdefender's definitions take almost a GB of space and update frequently (and slowly). ESET's memory usage is lower, the interface feels a lot snappier, and detecting and deleting threats is a lot faster, though as we discussed earlier, not that deep. Updates are super fast to install.
Browsing the web also feels a touch faster, due to the lack of extensions. Scanning speed is similar across both products.
Both products maintain very low CPU and disk usage.
The clear winner here is ESET, though Bitdefender still comes very close.
Graphical User Interface and General User Experience
When we spoke about protection, we already outlined the fact ESET still relies on technologies already ditched by most of the AV industry. ESET's user interface feels rather dated and complicated for novice users. Advanced users, however, will enjoy the level of control they have over the product. Pressing F5 in the product brings up advanced settings and F1 brings up help files where beginners can learn more. ESET's help files are much more comprehensive and the company provides greater detail on every feature than Bitdefender.
Bitdefender's interface feels more oriented towards novice users, à la McAfee. Visuals feel far more modern than ESET's, but configuration is minimalistic and advanced users may want more. Auto-pilot, however, provides recommendations about tools, and profiles optimise both product and system to your current activity.
Popups are rare and minimal in both cases, free of complicated terms.
User experience is relative, but in the light of the above, we can say that:
ESET's UX is the better choice for advanced users.
Bitdefender's UX is clearly the better choice for beginners or people who just want the job done, without too much muss and fuss.
From my observation of the industry, Bitdefender's direct rival seems to be Kaspersky, which is quite rich in features.
Bitdefender offers more or less the same features - Secure Browser, TuneUp utility, vulnerability scanner, password manager, VPN, Central platform for in-cloud product monitoring and management.
ESET doesn't offer any of the above, apart from a password manager that feels rather limited and dated and a secure browser.
Based on the number of features, Bitdefender is the winner here.
Due to what's mentioned in the protection category, Bitdefender feels a lot more intelligent and automated, whilst ESET leaves a feeling of relying on dated approaches. Approaches known as Panda TruPrevent or Kaspersky's HIPS in 2006.
Though ESET's performance is great and it doesn't lack any essential features, I would say Bitdefender puts much more effort into staying on top of their game. ESET still has some work to do, if they are looking to share the throne with the other 2 kings.