ESET and zero - day threats

[FleischmannTV]

I know what you mean, though with any detection based security product malware might end up in system32, yet that alone doesn't mean that the security product doesn't protect from infections in system32.

 

[Arakasi]

In fact, HIPS does just that. It has pre-configured rules to prevent uncommon changes in crucial windows directories or with services.

 

[Khairul]

For me ESET detection to an unknown Malware are depends on the setting, as ESET setting are so flexible that its suitable from SUPER DUPER NOOB to the EXPERT. So it depends on the setting.

 

[soccer97]

Actually, I had the exact same question, because there was some confusion. I contacted ESET support via Live Chat. The support representative was very helpful, and gave me this link. He said it was updated daily, and shows the effectiveness of the major security software against 0-day threats. It is fresh information, I got it yesterday.

A word of Warning. This site may contain links to malware. Be careful, and only view this one page. This site is for security researchers.

Site Description:
WARNING: This website is a resource for security professionals and enthusiasts.
CRDF Threat Center is a non-commercial community project. Our list can be used for free by anyone. Feel free to use it.

Website comparing the 0-day statistics: https://threatcenter.crdf.fr/?Stats
(Courtesy of an ESET support representative)

I would only stay on that page. The other pages contain links to malicious URL's (they are URL's to avoid). The purpose of this post was to answer your question.

 

[nissimezra]

Actually, I had the exact same question, because there was some confusion. I contacted ESET support via Live Chat. The support representative was very helpful, and gave me this link. He said it was updated daily, and shows the effectiveness of the major security software against 0-day threats. It is fresh information, I got it yesterday.

A word of Warning. This site may contain links to malware. Be careful, and only view this one page. This site is for security researchers.

Site Description:
WARNING: This website is a resource for security professionals and enthusiasts.
CRDF Threat Center is a non-commercial community project. Our list can be used for free by anyone. Feel free to use it.

Website comparing the 0-day statistics: https://threatcenter.crdf.fr/?Stats
(Courtesy of an ESET support representative)

I would only stay on that page. The other pages contain links to malicious URL's (they are URL's to avoid). The purpose of this post was to answer your question.

thanks for sharing

 

[FleischmannTV]

The support representative was very helpful, and gave me this link.

Website comparing the 0-day statistics: https://threatcenter.crdf.fr/?Stats
(Courtesy of an ESET support representative)

Actually what he told you was a load of crap.

This site in no way tests actual 0-day detection capabilities. CRDF uses VirusTotal for the scanning. Meaning this is a simple on demand signature scan, so behavior blocker, HIPS, reputation components (and more...) of modern AVs are left out of the picture.

Therefore a product could be at the bottom of that list and still protect you better than the one at the top. Do you really think Malwarebytes has better 0-day protection than Emsisoft, Kaspersky, F-Secure and the likes? This list is nothing if not misleading and should never be posted without a serious disclaimer (because nobody understands it correctly).

Hence the support representative wasn't helpful, he either deceived you or he was so incompetent that he didn't understand how CRDF works either.

- - - - - - - - - - -
Here is a statement from @Fabian Wosar on Wilders Security in regards to how CRDF really works:

http://www.wilderssecurity.com/thre...okay-with-other-av.344021/page-2#post-2210119