MacDefender

Level 11
Verified
Does F-Secure use a cloud based AVIRA engine or the full set offline signature + heuristics + cloud?
If F-Secure use Avira cloud it is synchronized?
Both. The cloud signatures are labeled APC/ “Avira Protection Cloud?” And I’ve seen HEUR detections both from APC and locally.

I’m not sure what you mean by synchronized though?

Note that F-Secure also has their own cloud. That gives “!fso” detections.
 

silversurfer

Level 63
Verified
Trusted
Content Creator
Malware Hunter
F-Secure Security Cloud is an essential part of delivering security to our customers. Security Cloud provides object reputation and threat analysis services for F-Secure services, with its data processing focusing solely on data relevant to detecting malicious and unwanted activities. Security Cloud analyzes files, processes, and other objects and their behavior in users' networks and devices in order to determine whether malicious or unwanted actions can or could have taken place.
Source: F-Secure Security Cloud privacy policy
 

MacDefender

Level 11
Verified
Thank you both.
By synchronized cloud I mean that Avira provides the cloud in real time or with minutes/hours of delay?
I'm pretty sure it's realtime. Avira wants to benefit too from having a bigger installbase -- their cloud works better with realtime submissions from F-Secure too.

Now, is it possible that Avira holds onto some of their advanced cloud features for themselves? Maybe! It wouldn't be a good move though. F-Secure moved away from AVP (Kaspersky) because they kept giving third parties older engines with worse performance compared to their own product. Now, Kaspersky has stopped doing that, but I wouldn't be surprised if some of these other engines on license (BitDefender and Avira) don't give out the best of the best to their partners.

However, so far, I've not seen any case where Avira detects something but F-Secure does not.


NOTE: F-Secure's VirusTotal engine does not include Avira Cloud (APC) signatures, for some reason. As a result, you'll see cases where F-Secure on VT says it doesn't detect something, but grabbing the sample yourself will get a APC detection. Also, APC is not consulted for on-demand scanning. It's only consulted before executing a new binary.
 

ouyangx

Level 11
the cloud detection response time between FS and Avira have differece in priorities, but both are real-time though.

APC has different levels of sample uploading and tuning in the cloud(like Avira mentioned in "Avira Protection Cloud Plus" in premium versions).
 
Top