Does Bitdefender AV have a file reputation mechanism?

Status
Not open for further replies.

RoastedHaggis

Level 1
Thread author
Jan 17, 2018
4
Hello, I'm planning to get an AV and so am checking up on various features of different AVs and so was wondering, does Bitdefender Antivirus have a file reputation mechanism, something akin to Kaspersky's Application advisor? And if so, what are the odds of a file compiled by me being detected as a false positive? Like, how robust are those systems anyway? Because it seems like a big feature which some AVs proudly present, but I mean, if all it does is tell you that a file is "rare - therefore suspicious" it seems likely to be extremely prone to false positives, is that the case?

Also, if you could direct me to any documents that elaborate on that, that'd be grand.

Many thanks =)
 
TrinitronMSDOS

Hi, I see that you are a new member, so welcome to the MalwareTips community. I have no idea if Bitdefender offers this function. I reply to this message in the hope that someone who is more familiar with the product will answer you. Usually questions or posts are answered quite promptly; I don't know why your post was left unanswered for a few days :unsure:
 

RoastedHaggis

Level 1
Thread author
Jan 17, 2018
4
It does have cloud features but no reputation check as far as I know.

Cloud features but no reputation check? Could you please explain the difference? I was under the impression that a reputation check (one which is done automatically upon execution/download) is part of the cloud features.

It confuses me quite a bit as practically every av app that I checked had reputation features mentioned, for example here's regarding Bitdefender:
https://businessresources.bitdefend...ss-2015-SolutionPaper-ATC-93030-en_EN-web.pdf

"Bitdefender’s Global Protective Network (GPN) performs 11 billion queries per day, and uses reflective models and advanced machine learning algorithms to extract malware patterns, ensuring real-time protection against any threat... It updates the reputation of apps, email sources and websites, and broadcasts alerts."


So maybe we're talking about different things here? I would greatly appreciate anyone clearing the confusion, as I'm not even sure what "reputation features" entails at this point.

Many thanks for the warm welcome =)
 

RoastedHaggis

Level 1
Thread author
Jan 17, 2018
4
Makes sense, much obliged.

I have downloaded a trial version of Kaspersky Total Security and couldn't help but notice that it doesn't notify me whenever I'm running unknown files (like a hello world file which I just created, for example). I thought that the idea was essentially a whitelist of files, and whenever a file isn't known, the user is notified, it wasn't the case however. Could I be misunderstanding the idea of reputation here?
Thanks =)
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,664
By default KIS/KTS is installed with default settings (in Auto Mode), so the average user will get almost no warnings, but if you go to Application Control, you will probably see that your unknown application has been moved to the "Low Restriction" group...

To get warnings you have to enable "Interactive Mode" and make some other strong tweaks ;)
 

RoastedHaggis

Level 1
Thread author
Jan 17, 2018
4
Many thanks!
So basically, a lack of reputation will not trigger a warning at any point? Kinda worrying that I have to set all settings on paranoid in order to get alerted whenever a file I'm about to launch is suspicious. Will it just, launch then?
 

mlnevese

Level 26
Verified
Top Poster
Well-known
May 3, 2015
1,535
Cloud features but no reputation check? Could you please explain the difference? I was under the impression that a reputation check (one which is done automatically upon execution/download) is part of the cloud features.

It confuses me quite a bit as practically every av app that I checked had reputation features mentioned, for example here's regarding Bitdefender:
https://businessresources.bitdefend...ss-2015-SolutionPaper-ATC-93030-en_EN-web.pdf

"Bitdefender’s Global Protective Network (GPN) performs 11 billion queries per day, and uses reflective models and advanced machine learning algorithms to extract malware patterns, ensuring real-time protection against any threat... It updates the reputation of apps, email sources and websites, and broadcasts alerts."


So maybe we're talking about different things here? I would greatly appreciate anyone clearing the confusion, as I'm not even sure what "reputation features" entails at this point.

Many thanks for the warm welcome =)

Bitdefender will check any behaviour against its cloud and flag the software as dangerous, blocking it. You just can't send a file to the cloud for checking yourself.
 

mlnevese

Level 26
Verified
Top Poster
Well-known
May 3, 2015
1,535
Many thanks!
So basically, a lack of reputation will not trigger a warning at any point? Kinda worrying that I have to set all settings on paranoid in order to get alerted whenever a file I'm about to launch is suspicious. Will it just, launch then?

Most antimalware products will not alert you unless the program you're trying to run tries to do something dangerous or presents suspect behavior. A "Hello World" program will just display a message on screen... that's not suspicious or dangerous... Now if it tried to elevate itself and access your documents folder, for instance, it would be instantly blocked, as it's unknown software trying to gain privileges.

To act otherwise would drive most users insane with alerts every five seconds or so...

There is default-deny software out there, and I believe that's what you're looking for from your questions.
 