Emsisoft Internet Security vs Kaspersky Internet Security 2017

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
Well guess what, auto-resolve is going to quarantine safe, legit files. So the next complain from users will be "It is auto-quarantining my safe files !!" Really ? Then don't use auto-resolve. "No, I cannot make a decision. AV must tell me what to do or else it is garbage." Keep going in circles.
This has been a tough decision for Emsisoft to make for many years.

Like the example I gave for a legit, new and unknown software which just being launched in the market definitely many security software will flag it as a FP initially.
 
5

509322

This has been a tough decision for Emsisoft to make for many years.

Like the example I gave for a legit, new and unknown software which just being launched in the market definitely many security software will flag it as a FP initially.

If it blocks a legit file, then that file can be restored. It is as simple as that. The industry cannot foolproof their softs and at the same time cannot make everybody happy.

I just find the number of people who cannot or will not make an occasional decision rather astounding. Who ever said a user needs to make a decision at the very moment an alert appears ? Quarantine it and then investigate it. If it turns out to be safe, then restore it.
 
  • Like
Reactions: Fritz and mlnevese

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
If it blocks a legit file, then that file can be restored. It is as simple as that. The industry cannot foolproof their softs and at the same time cannot make everybody happy.

I just find the number of people who cannot or will not make an occasional decision rather astounding. Who ever said a user needs to make a decision at the very moment an alert appears ? Quarantine it and then investigate it. If it turns out to be safe, then restore it.
If you are sitting at home and just playing with the PC that's fine but in a work environment you may not have the luxury of time to do troubleshooting. A security software which can auto-decide is sure a definite help here
 
  • Like
Reactions: ravi prakash saini
5

509322

If you are sitting at home and just playing with the PC that's fine but in a work environment you may not have the luxury of time to do troubleshooting. A security software which can auto-decide is sure a definite help here

Block by default. It's the admins job to research it. That is why they get paid the big bucks.

In an enterprise environment with many workers willy-nilly accepting emails, opening and launching files... you better block by default.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
Block by default. It's the admins job to research it. That is why they get paid the big bucks.
If block then the needed task cannot proceed, then how?

Like I said RIGHT decision-making is not just about system protection but also to get the desired end result
 
5

509322

If block then the needed task cannot proceed, then how?

Like I said RIGHT decision-making is not just about system protection but also to get the desired end result

Ideally, admins are supposed to vet stuff before they push it out to servers and workstations. It is called auditing and application control. What is not explicitly allowed, is blocked. However, many organizations opt for the "AV needs to tell me what to do" protection model and the it's-just-a-matter-of-time result is predictable.
 
  • Like
Reactions: ZeroDay

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
Ideally, admins are supposed to vet stuff before they push it out to servers and workstations. It is called auditing and application control. What is not explicitly allowed, is blocked. However, many organizations opt for the "AV needs to tell me what to do" protection model and the it's-just-a-matter-of-time result is predictable.
In a corporate environment usually mobile users face 2 scenarios

1) laptop issued by company
2) employee bring own laptop

Either or both cases there's always a high chance that the employee will surf the net and download something or use a USB device that screws up the laptop .

If it belongs to the company the IT guy will help to solve the problem. And this will take time as you and his locations may be geographically different. If it's your personal laptop the IT guy will unlikely be able to solve the problem because of the software you installed in your laptop.

Just imagine if you make a wrong decision and you cannot use the laptop or cannot complete a needed urgent task then how?
 
5

509322

Just imagine if you make a wrong decision and you cannot use the laptop or cannot complete a needed urgent task then how?

And what happens when the security soft that makes decisions for a user gets it wrong ? Your argument is for default-allow and that protection model has proven to be miserably ineffective.

The only reliably effective solution is to block by default. The system is supposed to be configured - whether it is supplied by company or employee - with what the employee needs to perform their job. New programs should not be installed on-the-fly, willy-nilly. And if they are, well I don't know what to tell anyone other than you did not adhere to recommended best security practices.
 

NikolayfromRussia

Level 16
Verified
Top Poster
Jul 3, 2014
750
I voted for KIS. As I used it before I find it very good in PC protection. EIS is also good but for me KIS is better. Moreover I choose KIS because US government removes Kaspersky from approved vendors list :)
 
  • Like
Reactions: R2D2
5

509322

6.4% is Not something to overlook; especially when it comes to Malware.

Why did they implement auto-resolve?

Passing the responsibility on Users,
via Allow/Block,
did Not work as expected...
:D

Based upon an old discussion on their forum, it was stated that the vast majority of Emsisoft users select the recommended action if presented with a behavior blocker alert that suggests a file action out of sorts within the context of what they are doing on the system at that moment. The only complaints about having to make a decision and false positives come from people on these forums.

They did not actually change anything except set the default action to Auto-resolve (use the recommended action) instead of the old default of Alert.

Why did they implement it ? Watch the next AV-Comparatives test. Emsisoft performance will be identical to Bitdefenders; there will be little to no yellow in the bar graph. And that is all most people pay attention to are those bar graphs and nothing else.

99% of the time the Antimalware Network identifies a malicious file as malicious. So it is actually rare for a user to be presented with a behavior blocker alert and have to make a decision. So all the complaints are blown way out of proportion by a tiny minority of people. Most users can figure out the behavior blocker alerts within the context of what they are doing on the system on their own.
 
Last edited by a moderator:

iAwake

Level 1
Verified
Aug 4, 2017
40
I believe both are equally good. Kaspersky better in features and emsisoft better in terms of light-weight security

last independent tests show the Emsisoft is heavier than Kaspersky..

Neglect the test labs and their results. I tried many of the solutions out there. Kaspersky makes games lagging and Avira too. Nothing with Emsisoft. This is my own experience and it does not apply to all users; different specifications e.g.
 
  • Like
Reactions: Fritz

RiderExpert

Level 2
Verified
Jul 21, 2016
53
One of the biggest benefits of Kaspersky is Application Control. If you configure it correctly it would be nearly impossible for a malware to do any damage.

Take ransomware for example. If you disable every protection component in Kaspersky with the exception of app control, none of your files in a protected folder you choose (you can choose all Hard Drive for example) will be encrypted. That's because Kaspersky (if configured correctly) won't allow any unknown programs to perform any action you set to deny (in this case, write, create and delete) , it does not matter if it's good or bad software. It is kind of a default-deny, but instead of denying running, you can configure denying specific actions for specific locations

So, if all Kaspersky award winning protection (including system watcher, that can restore your encrypted files in case it fails to stop the ransomware in time) fail, the malware won't be allowed to do any damage.

I've already seen Emsisoft fail with ransomware, allowing it to encrypt the files, not only in my tests (like that last one I did with Locky) but in Malware Hub too.

In my tests, It detected the ransomware with behavior blocker, but it was too late for most of the files. Since Emsisoft cannot restore the files like Kaspersky, the files were lost. For the same sample, Kaspersky blocked any modification on protected folders and 5 files on an unprotected location were encrypted. after that, Kaspersky stopped the ransomware and restored all 5 encrypted files.

If you protect the folders with Kaspersky, no damage will be made.

For me, first place goes to Kaspersky. But don't get me wrong. Emsisoft it as amazing security product with an amazing BB.
 

omidomi

Level 71
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Apr 5, 2014
6,008
Both Emsisoft and Kaspersky are good.
Detection:
both of them has good detection but Kaspersky do it better (with lower Fps).
UI:
In my opinion Kaspersky has better UI
Prevention:
Kaspersky has "System watcher" it means if you Infected with ransomware kaspersky can roll back all malware Infection!(I know this action is't work for all malware but personally I think its better than Emsisoft that no action same as it...)
System speed and...:
EIS has over 200MB on system but Kaspersky is light.
Emsisoft update volume is a little heavy(if you do't update it for 3 weeks its better than download it again!) but Kaspersky is very light in update,in my country with slow internet speed Kaspersky do a better job.
Support:
both of them has great support but Kaspersky do it faster,for me when I send them a ticket(or email) they reply me lower than 1 hour,but for Emsisoft they reply me after 1 hour.
popularity:
Kaspersky has 400 million users around the world and one of the biggest private cybersecurity company ...
Kaspersky detected many big malwares(same as Equation Group ...)
so I go with Kaspersky.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top