Security Alert Business Security Test 2018 (March – June)

Windows_Security

Level 17
Content Creator
Trusted
Joined
Mar 13, 2016
Messages
843
OS
Windows 7
#3
In a business environment it is also usual to use advised settings. New AI products often have central management and remediation also in the cloud. Those AVs would have an advantage over client products or products with a central management component in default settings. So I think in a business environment it is fair to use supplier-advised settings to level the playing field for all types of (managed) products (client only, central management on the client's server, and central management in the AV vendor's cloud).

For user market products, I agree with you that everything should be in default settings, to show protection strength for average users.
 

Spawn

Administrator
MalwareTips Staff
Joined
Jan 8, 2011
Messages
17,243
OS
Windows 10
Antivirus
Microsoft
#8
What does Microsoft's "user-dependent" thing mean?
It's explained in the link - remember it's for Enterprise.

Terminology:

  • Blocked - Malware was successfully blocked by AV
  • User Dependent - The user had the option to allow the execution of the malware
  • Compromised - Malware compromised the system
  • False Positive - A clean sample was wrongly detected as malicious
Product tested: Microsoft - Windows Defender Antivirus for Business with Intune
Business Security Test 2018 (March – June) | AV-Comparatives

Intune is a cloud-based service that provides companies with security management for their devices, apps and data. Platforms covered are Windows Desktop, Windows Mobile, macOS, iOS and Android. This review covers the use of Microsoft Intune to manage Microsoft’s out-of-box antivirus and security features in Windows desktop operating systems. Please note that a dual management interface is available. In this review, we have covered the Classic interface, shown above.
More: Microsoft Intune Overview | Microsoft
Support: Microsoft Intune documentation
 

illumination

Guest
#9
It's explained in the link - remember it's for Enterprise.

Terminology:
  • Blocked - Malware was successfully blocked by AV
  • User Dependent - The user had the option to allow the execution of the malware
  • Compromised - Malware compromised the system
  • False Positive - A clean sample was wrongly detected as malicious
Product tested: Microsoft - Windows Defender Antivirus for Business with Intune
Business Security Test 2018 (March – June) | AV-Comparatives
Sometimes it helps to read further, as I'm guilty of not doing myself at times, as in this example. I cannot pretend to know how their enterprise version works, as I have never been hands-on and just made an assumption.
 
Last edited by a moderator:
Joined
Sep 1, 2017
Messages
514
OS
Windows 10
Antivirus
Norton
#10
Am I the only one that scratched their heads when they saw that McAfee scored so well?!

Kaspersky and Bitdefender would be my top go to choices here. Trend Micro has always caught my eye as another good potential, but the false positives are so high with that software. We are a Kaspersky house at my place of employment. It would take a lot for me to say no to using Kaspersky. If we ever had to say "no" the next jump would certainly be Bitdefender.

~Brian
 

Lockdown

From AppGuard
Developer
Joined
Oct 24, 2016
Messages
3,301
#11
The vast majority of businesses simply use default settings or apply some minor tweaks.

You have to remember that small businesses make up most of the commercial\enterprise sector. In the U.S., it is something like 30 million small businesses versus 20,000 with 500 or more employees. Small businesses, as a general rule, do not devote the proper amount of resources to maximize security. Stuff like reading the manual, training, learning the product in-depth, etc ... that stuff just isn't done at all or given scant treatment. That's true of the one-person proprietorship to the medium sized businesses. And it isn't like the world's top companies are bastions of IT security best practices. It all comes down to dollars and cents. Not enough money, not enough people, not enough resources, not enough time - and above all else - little or no prioritization. The end results are poor implementations, bad practices and a whole slew of other things that negatively impact IT security.

It is because of these facts that various products such as AppGuard exist. They exist to plug the default security gap.
 
Last edited:

Lockdown

From AppGuard
Developer
Joined
Oct 24, 2016
Messages
3,301
#12
Am I the only one that scratched their heads when they saw that McAfee scored so well?!

Kaspersky and Bitdefender would be my top go to choices here. Trend Micro has always caught my eye as another good potential, but the false positives are so high with that software. We are a Kaspersky house at my place of employment. It would take a lot for me to say no to using Kaspersky. If we ever had to say "no" the next jump would certainly be Bitdefender.

~Brian
The only true indicator is results over a large number of tests. Even then, the product is going to provide good security within its capabilities, and not perfect security.
 

Windows_Security

Level 17
Content Creator
Trusted
Joined
Mar 13, 2016
Messages
843
OS
Windows 7
#13
The nice thing about AV-Comparatives is that they review the GUI/management console also and give an indication for which types of companies a product is suited for. I remember that UK and NL are the 2 countries in Europe with a high level of consultancy, that probably explains that service providers install software in advised settings.

@Lockdown, When all business software in the US would be installed in default settings then all US companies are easy to hack (because 90% of the software comes with default admin passwords). Being an employee of AppGuard, you see only the companies which use AppGuard (I don't mind that you advertise AppGuard, but I don't buy that everything is installed with default settings in business environments).
 
Likes: BryanB

Lockdown

From AppGuard
Developer
Joined
Oct 24, 2016
Messages
3,301
#14
The nice thing about AV-Comparatives is that they review the GUI/management console also and give an indication for which types of companies a product is suited for. I remember that UK and NL are the 2 countries in Europe with a high level of consultancy, that probably explains that service providers install software in advised settings.

@Lockdown, When all business software in the US would be installed in default settings then all US companies are easy to hack (because 90% of the software comes with default admin passwords). Being an employee of AppGuard, you see only the companies which use AppGuard (I don't mind that you advertise AppGuard, but I don't buy that everything is installed with default settings in business environments).
You're twisting my posted words. I never said all business security products are installed with default settings. I posted that the vast majority of commercial security softs are installed using the defaults.

It's a widely known, widely accepted fact. Research it.

Big companies here in the U.S. are badly hacked every single day - but no one knows about it because there is no legal requirement for any company to report the hacks.

Just like with Windows, very few companies max out the security in Windows with GPO and other available tweaks. The number one complaint about Microsoft security among IT pros is the terrible usability\atrocious documentation. IT staff are generally overworked - and they are not going to spend hours upon hours on the net to figure out how to do something which Microsoft should already explain in-detail, step-by-step. And they ain't gonna spend the money to bring someone in to do it for them. So, more often than not, things are not configured for maximum settings.

And furthermore, most businesses are no different than home users "who want to use stuff" - they don't want security softs preventing users from doing stuff or being an inconvenience. That, more than anything else, drives the use of lower-level security products and settings.
 
Last edited:

Windows_Security

Level 17
Content Creator
Trusted
Joined
Mar 13, 2016
Messages
843
OS
Windows 7
#15
It's a widely known, widely accepted fact. Research it.

Just like with Windows, very few companies max out the security in Windows with GPO and other available tweaks.
I disagree, now you are taking what the security industry is telling and researchers sponsored by the security industry as true. Just think of it: when that would be really true, then the news about companies being hacked or having security breaches would be a million a week in the US. So all these companies can't have business software implemented in default settings. Also when one buys security software, you might assume that the business partner vendor selling security software has a higher awareness of security than the local business partners selling other business software. When you think about what is parroted it just can't be true. No way.

Netherlands for instance is about the size of Maryland and has only 200 large companies and 2 million smaller companies (belongs to the top 20 economies in the world). On Security.NL all breaches in NL and important ones in the world are posted. With 2 million companies having default settings, there should be many more breaches reported.

When it is true that most security breaches are caused by companies using software in default settings, the reverse (all companies use default settings) is not necessarily true.
 
Last edited:
Likes: Andy Ful

Lockdown

From AppGuard
Developer
Joined
Oct 24, 2016
Messages
3,301
#16
I disagree, now you are taking what the security industry is telling and researchers sponsored by the security industry as true. Just think of it: when that would be really true, then the news about companies being hacked or having security breaches would be a million a week in the US. So all these companies can't have business software implemented in default settings. Also when one buys security software, you might assume that the business partner vendor selling security software has a higher awareness of security than the local business partners selling other business software. When you think about what is parroted it just can't be true. No way.

Netherlands for instance is about the size of Maryland and has only 200 large companies and 2 million smaller companies (belongs to the top 20 economies in the world). On Security.NL all breaches in NL and important ones in the world are posted. With 2 million companies having default settings, there should be many more breaches reported.

When it is true that most security breaches are caused by companies using software in default settings, the reverse (all companies use default settings) is not necessarily true.
Default settings is not the cause of most breaches. LOL.
 

Windows_Security

Level 17
Content Creator
Trusted
Joined
Mar 13, 2016
Messages
843
OS
Windows 7
#17
Last edited:

Slyguy

Level 35
Joined
Jan 27, 2017
Messages
2,426
OS
Other OS
#18
The vast majority of small firms use default settings but default settings aren't the root cause of breaches.

I've worked with several thousand firms over the years, the vast majority actually do use default settings. Not default logins, because those products require you to manually set up portal accounts. We're talking leaving the product post deployment on default settings. But the bad part is, most products in default are less than stellar configured. Trend Micro Worry Free for example on default has improved, but it used to basically be 75% configured by default. They've gotten better and moved to default-on for things like Machine Learning and the advanced Ransomware settings.

Symantec (SEP not SEPC) on default might as well be turned off. LMAO!

These days, MSPs are where it's at. MSPs target small to medium businesses for IT Management and if they are a qualified MSP with well trained staff they have their own best practice deployment systems and a business is vastly more secure retaining an MSP and paying a small monthly per-device fee rather than attempting to manage their IT themselves.
 
Joined
Jul 5, 2018
Messages
52
#19
It is because of these facts that various products such as AppGuard exist. They exist to plug the default security gap.

Cuz appguard with its default 10 guarded applications and nothing else configured works so good :LOL:

I wonder if the average employee using it will even move the slider to the Protected mode :ROFLMAO:
 