Eset 13.0.22.0 Final
<blockquote data-quote="MacDefender" data-source="post: 861373" data-attributes="member: 83059"><p>Yes! This is spot on and better than how I said it. When I say "signatures" in the context of ESET I really mean static scanning analysis. Unlike how most signature engines tend to work, the ESET one seems to be extremely good at identifying variants of existing malware without being prone to false positives.</p><p></p><p>A lot of other AV engines have some sort of machine learning component and so does ESET with the ML/ detections. Symantec's "AdvML" detections seem to trigger on new malware once in a while too. But ESET's standout feature is how often its "Variant of XXXXXX" detections are spot on and match the names that other AV engines eventually assign to the malware.</p><p></p><p>When I first heard about this I suspected they would have a lot of false positives but that's not true at all. In fact a lot of other engines that don't do a good job in the real world of statically identifying new malware variants actually have more false positives to harmless things. I've seen a few cases where unpacking or repacking a VMware piracy tool would generate "VM detection" heuristic detections simply because the crack contains snippets of the VMware binary. I've yet to see ESET tricked by situations like this.</p><p></p><p></p><p>And yes, you are definitely right, it's not fair to turn off ESET's protection layers. A lot of folks (myself) are tempted because we don't like SSL inspection or we have seen performance degradation due to this kind of network stack protocol filter, but while other AVs tend to carry a dynamic behavior blocker as a last line of defense, the same doesn't hold for ESET and it might be a really bad idea and a more significant loss of protection with ESET.</p></blockquote><p></p>