Emsisoft A.M & E.I.S now include Exploit Protection

[Terry Ganzi]

Here are some words from:
Fabian Wosar said: ↑
The answer to that is a bit complicated. Technically, yes:

However, you will notice that we do not advertise it and there are also no options for it. It's not listed as a feature either, mostly because it is far from being finished yet. In general I believe holding off security improvements until an arbitrary release date just to somehow "beef up" the release announcement is kind of stupid and not really in the interest of our users. That is why we will roll them out gradually during the coming months and announce them officially once they are complete, the same way we rolled out the script protection in the last version 10 updates already but didn't officially announce them until the version 11 release.

 

[Ink]

Source (Emsisoft Anti-Malware & Emsisoft Internet Security 11 Beta available | Page 2 | Wilders Security Forums)

If you're going copy and paste from other websites, remember to post the Source and quote only relevant information.

 

[Online_Sword]

Would this decrease the compatibility of Emsisoft Antimalware?

Fabian Wosar has ever mentioned that:

No, we do not provide anti-exploit capabilities.

The problem is that a significant portion of our users expect EAM to run alongside other AVs, which often already implement exploit mitigation features. Multiple exploit mitigations will ultimately clash in many cases.

Source: Emsi anti-exploit - Emsisoft Internet Security - Emsisoft Support Forums

 

[Terry Ganzi]

Source (Emsisoft Anti-Malware & Emsisoft Internet Security 11 Beta available | Page 2 | Wilders Security Forums)

If you're going copy and paste from other websites, remember to post the Source and quote only relevant information.

Nomally I does that but made & error on this one,i apologize for that.

 

[Enju]

Pretty interesting stuff going on with Emsisoft in the last few weeks! Hopefully they get rid of the Bitdefender engine and switch to something with more descriptive detection names (BD example: Trojan.GenericKD.somenumber) or improve their own engine.

 

[Secondmineboy]

Pretty interesting stuff going on with Emsisoft in the last few weeks! Hopefully they get rid of the Bitdefender engine and switch to something with more descriptive detection names (BD example: Trojan.GenericKD.somenumber) or improve their own engine.

Which Engine would you recommend?
Ive already suggested them to improve their own engine some time ago.

 

[Enju]

Which Engine would you recommend?
Ive already suggested them to improve their own engine some time ago.

Kaspersky or Dr. Web would be pretty sweet.

 

[Online_Sword]

Ive already suggested them to improve their own engine some time ago.

I agree. In particular, I hope they can use heuristic techniques in their own engine, just like some other antivirus programs using Bitdefender engine, including F-Secure and GData.

Kaspersky or Dr. Web would be pretty sweet.

Kaspersky is a good choice, but Dr.Web might not.
In my opinion, a significant advantage of Emsisoft is its scanning speed - really fast.
But if Emsisoft starts to use Dr.Web engine, maybe we need to wait one day for the scanning result.

 

[Secondmineboy]

Kaspersky or Dr. Web would be pretty sweet.

Kaspersky would be a good slowdown in scans, so it may be out of the run here.

The best thing they could do is to improve their own engine with heuristics,malware similarity search etc.

BUT how about ESETs engine in Emsisoft?

 

[Enju]

(...)
In my opinion, a significant advantage of Emsisoft is its scanning speed - really fast.
But if Emsisoft starts to use Dr.Web engine, maybe we need to wait one day for the scanning result.

Never found the full system scan of Emsisoft to be particularly fast to be honest.

Kaspersky would be a good slowdown in scans, so it may be out of the run here.

The best thing they could do is to improve their own engine with heuristics,malware similarity search etc.

BUT how about ESETs engine in Emsisoft?

Kaspersky quick scan (no iSwift or iChecker enabled) 1 min 18 sec.
Emisoft EK quick scan (time critical setting, with 5 threads) 1 min 3 sec.

I agree, they should improve their own engine and drop anything third party.

 

[Secondmineboy]

Never found the full system scan of Emsisoft to be particularly fast to be honest.

Kaspersky quick scan (no iSwift or iChecker enabled) 1 min 18 sec.
Emisoft EK quick scan (time critical setting, with 5 threads) 1 min 3 sec.

I agree, they should improve their own engine and drop anything third party.

Emsisoft is lightning fast on SSDs and flash harddrives

Emsisoft doesnt even have enough sigs at the moment, they just have 29 employeees total so not enough people to write out sigs at all i guess.
I dont even know how their own engine works.

They also have to improve their protection capabilities against Adwares and Junkwares, maybe illegal softwares as well, their sigs cant catch up on these yet. Maybe some BB feature may help. On something that works together with the Cloud backend.

 

[Azure]

Kaspersky or Dr. Web would be pretty sweet.

Having Kaspersky or ESET would be nice.


And since we're talking about replacing Bitdefender engine, I'm going to take liberty and quote some posts from Fabian:

"Detection rate is just one factor. There are lots of things to consider in addition to just the detection rate, for example:

• Is the engine even available for licensing?
• How much does licensing the engine cost?
• Does the engine fit into the existing technology stack?
• Does it support the features you require?

So yeah, there is more to choosing an engine to license than just detection rate."
Can emsisoft has option like signature option (1) bitdefender (2) emsisoft? - Emsisoft Anti-Malware

"Your argument is that we chose Bitdefender because it is "the best". Both Kaspersky as well as Avira consistently score higher in pure on-demand tests than Bitdefender does. If you consider PUP detection ESET is a superior contender as well. We considered all of them at one point or another but they were discarded for various reasons."
Can emsisoft has option like signature option (1) bitdefender (2) emsisoft? - Emsisoft Anti-Malware

 

[Online_Sword]

they just have 29 employeees total

I know Emsisoft is a small company, but in the past I thought they had about 100 ~ 200 employees...

 

[Kalimirro]

It is interesting to note what Emsisoft planning to do with 11th version.

Is this exploit in Office Word 2016, dangerous ???

 

[Secondmineboy]

It is interesting to note what Emsisoft planning to do with 11th version.

Is this exploit in Office Word 2016, dangerous ???

Without info of the sample we cannot know, but mostly YES.

I like answer 42 in this topic on their forum:

Can emsisoft has option like signature option (1) bitdefender (2) emsisoft? - Emsisoft Anti-Malware

 

[hjlbx]

I agree. In particular, I hope they can use heuristic techniques in their own engine, just like some other antivirus programs using Bitdefender engine, including F-Secure and GData.

Emsisoft does not use heuristics.

Nor does it use Intrusion Detection techniques like deep packet analysis.

They are not big fans of these. So, Emsisoft - which takes a measured, well-considered approach - must see problems with these. I think they view these techniques as unreliable.

 

[Enju]

(...)
We considered all of them at one point or another but they were discarded for various reasons."
Can emsisoft has option like signature option (1) bitdefender (2) emsisoft? - Emsisoft Anti-Malware

Their justification sounds reasonable, too bad they will most likely stick with it then. Oh well, as long as they keep using the BD SDK I won't install it.

 

[SloppyMcFloppy]

Interesting, now all they needs is webcam protection, and keylogger protection, then i will consider this as a good paid internet security suite. Also, i find BitDefender does really good as detecting malware but not PUPs, so something like Kaspersky or Avira can be nice as balance between malware and PUPs.

 

[Secondmineboy]

Interesting, now all they needs is webcam protection, and keylogger protection, then i will consider this as a good paid internet security suite. Also, i find BitDefender does really good as detecting malware but not PUPs, so something like Kaspersky or Avira can be nice as balance between malware and PUPs.

Theres already Keylogger protection in the BB i think, but i dont know about webcam protection.

 

[jamescv7]

As Exploit protection is at works, generally you don't need another AV to occupy for Emsisoft; especially the mitigation techniques may cause problems and crashes from its sensitivity level of access.

For the engine, the highest chance they can achieve is Kaspersky next to ESET and Dr.Web however that should really depends on overall agreement and conditions.

Dr.Web = for most sophisticated threats.
ESET and Kaspersky = for majority of zero day threats with balance of least FP rates.
Avira = high detection rate.

@user102: The overall concept of BB holds the suspicious behaviour if keystrokes are engage.