ESET v18

Ahmed Uchiha

Level 2
Feb 5, 2021
62
ESET's version is 5 months older than its competitors in this video. You can check it on the video itself. It would've caught that sample otherwise. This alone invalidates this test and it has been discussed at length here. Leo has an agenda against ESET from the looks of it as he has repeatedly gimped ESET's tests on many occasions.

I agree on the security capabilities across versions, though. Bitdefender and Kaspersky offer the same degree of protection from their cheapest to their most expensive solutions. ESET still locks security behind a (very expensive) premium price tag.
But, even if the database 5 months old this shouldn't affect the behavioural blocker as it should detect and block new or unknown threats.
 
  • Like
Reactions: Sorrento

cofer123

Level 4
Sep 7, 2021
151
But, even if the database 5 months old this shouldn't affect the behavioural blocker as it should detect and block new or unknown threats.
And who can say that Kaspersky or Bitdefender could block that same sample 5 months prior to that test? Nobody, because it's not the same test.
 

SeriousHoax

Level 50
Verified
Top Poster
Well-known
Mar 16, 2019
3,935
ESET's version is 5 months older than its competitors in this video. You can check it on the video itself. It would've caught that sample otherwise. This alone invalidates this test and it has been discussed at length here. Leo has an agenda against ESET from the looks of it as he has repeatedly gimped ESET's tests on many occasions.
I don't regard ESET's behavior blocking ability highly (basically their smart heuristic is their behavior blocker) but the fact that Mr. Terrible malware tester Leo recorded ESET's part 5 months earlier is a fraud like behavior. Either he's an absolute idiot who thinks that a 5-month-old database wouldn't have an impact, or he really hates ESET for some reason. Maybe ESET once reported his test video to YouTube and his video got demonetized, so he got mad at them.
 

anirbandutta01

Level 10
Well-known
Jun 18, 2022
480
I don't regard ESET's behavior blocking ability highly (basically their smart heuristic is their behavior blocker) but the fact that Mr. Terrible malware tester Leo recorded ESET's part 5 months earlier is a fraud like behavior. Either he's an absolute idiot who thinks that a 5-month-old database wouldn't have an impact, or he really hates ESET for some reason. Maybe ESET once reported his test video to YouTube and his video got demonetized, so he got mad at them.
Agreed with you.
 

Vitali Ortzi

Level 30
Verified
Top Poster
Well-known
Dec 12, 2016
1,928
But doesn't ESET connected to the internet so it can access livegrid database?
I am not very tech savy but, I am trying to understand what gone wrong.
I think kaspersky and bitdefender would block the sample as they use cloud protection and strong behavioural blocker technology that less dependant on signatures.
Has much better offline detection then Kaspersky in this test Malware Protection Test March 2024
 

SeriousHoax

Level 50
Verified
Top Poster
Well-known
Mar 16, 2019
3,935
But doesn't ESET connected to the internet so it can access livegrid database?
I am not very tech savy but, I am trying to understand what gone wrong.
I think kaspersky and bitdefender would block the sample as they use cloud protection and strong behavioural blocker technology that less dependant on signatures.
ESET uses livegrid for file reputation checkup, it's not a malware database source. ESET along with other products update their signature database as well as behavior blocker database regularly. So, you cannot test a 5 month old database thinking the result would be the same as the current database.
Now we don't know if ESET would've detected it with latest database but the fact that he didn't do it is extremely suspicious.
 

cofer123

Level 4
Sep 7, 2021
151
Now we don't know if ESET would've detected it with latest database but the fact that he didn't do it is extremely suspicious.
It would have detected it: https://forum.eset.com/topic/42899-eset-home-fails-ransomware-test/#findComment-191147

Marcos said:
The detection was added on May 30 when it was blocked also in LiveGrid. The only explanation I can think of is that the user tested a different file or before the detection was added.
That comment was before everyone realized the test used an outdated version, hence the confusion.
 

Ahmed Uchiha

Level 2
Feb 5, 2021
62
I know that ESET has the best detection and signatures but it lack behavioural protection compared to bitdefender or kaspersky against ransomware I hope they add rollback feature and better behavioural protection this will boost ESET by much I don't know why till this moment they did't add these features.
 

Sorrento

Level 14
Verified
Top Poster
Well-known
Dec 7, 2021
676
Can we just agree that this Leo person is a quack with an agenda?
I don't agree that's going a bit far, as is the assumption that he has been reported - Just an unfounded assumption - You are going by one test & building the CN Tower on it, if the thread continues Leo will be hung drawn & quartered by the end of today - Although I don't think most malware testing is realistic anyway but Leo is not much different to the rest - If people disagree with the methodology do your own videos as Shadowa has, or don't look at his videos?
 

Minimalist

Level 10
Verified
Well-known
Oct 2, 2020
468
In this video leo tested ESET with all protection including realtime protection on and yet failed to detect unknown ransomware sample also, locking security or protection feature like live guard behind extra money to be paid is not good internet security users should get same level of peotection as the ultimate they can make the vpn and other privacy features for the ultimate but, not the protection that it's already weak against new threats and lack strong behavioural blocker.
If you recheck that video you'll notice that other solutions were tested in October while Eset was tested in May. Also they were tested with different simulators. For other solutions he used simulator that encrypted files in one directory only for Eset he used the one that tries to encrypt files in other locations as well. What other differences were bitween those to samples, I don't know. So we are basically talking about comparing apples to oranges.

Interesting question remains why did he do it this way? Why didn't he show how Eset performed in October with the same test sample as the other solutions? There is no explanation about that in video.
My guessing is that he performed test with Eset also and Eset probably blocked the simulator (maybe even with signature detection). Since it's clear to me from previous tests that he doesn't like Eset, he probably decided not to show this test and rather used some old test when Eset failed to make his point. Or even to show Eset in bad light.
Since there is no explanation from him why he compared "apples to oranges", we can make our own conclusions.

Anyway for me he lost that little of credibility he still had before as unbiased tester.
 

cartaphilus

Level 12
Well-known
Mar 17, 2023
575
I don't agree that's going a bit far, as is the assumption that he has been reported - Just an unfounded assumption - You are going by one test & building the CN Tower on it, if the thread continues Leo will be hung drawn & quartered by the end of today - Although I don't think most malware testing is realistic anyway but Leo is not much different to the rest - If people disagree with the methodology do your own videos as Shadowa has, or don't look at his videos?
Two tests but true. It's easy to armchair critique someone else's work it's a lot different when you are in their shoes. His intentions might have been noble and not everyone researches the tech they are supposed to test. Although one should since their "tests" are what drive opinions and the market. One CEO can see one unknown test and start forming an opinion based on the covert or overt bias.
 
  • Like
Reactions: Jonny Quest

Vitali Ortzi

Level 30
Verified
Top Poster
Well-known
Dec 12, 2016
1,928
I know that ESET has the best detection and signatures but it lack behavioural protection compared to bitdefender or kaspersky against ransomware I hope they add rollback feature and better behavioural protection this will boost ESET by much I don't know why till this moment they did't add these features.
It does have behavior and roll back
Specifically the roll back is a new module and I have it enabled on my eset endpoint advanced client the feature is called ransomware remediation and unfortunately since it's new there isn't really tests of it
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top