F-Secure 17.5 beta 10 (now with Avira signatures)

Lord Ami

Lord Ami

Level 21
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 14, 2014
1,036
Hello all!

Seems like with latest beta, FS changed from Bitdefender to Avira engines.
Detection names speak for themselves:
1541174002026.png

Old engine was Aquarius (with Bitdefender signatures), new one is named Capricorn (with Avira signatures).

Quoting F-Secure team member
"Aquarius has been replaced with our new Capricorn engine. Capricorn is our new cloud-hybrid file and URL analysis service for F-Secure's endpoint products — for all platforms."
Click to expand...


What do you think about such switch? One instant change I saw is smaller size of signature's folder (couple of hundred of megabytes).
 
Last edited:
  • Like
Reactions: memnon, Mahesh Sudula, Al-Faqir and 26 others
Faybert

Faybert

Level 24
Verified
Top Poster
Well-known
Jan 8, 2017
1,320
I was already for some time thinking of a change to F-Secure, not only for protection and privacy, but mainly for the excellent performance (lightness, without braking the navigation, games and etc), with this good news, I think the time has come :cool:
 
  • Like
Reactions: OhioRebel, Al-Faqir, tonibalas and 12 others
Lord Ami

Lord Ami

Level 21
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 14, 2014
1,036
I can comment that signature updates are way faster now, thanks to Avira's sigs being smaller and some of them offloaded to cloud. That's a good in my opinion - BD signature updates have always been somewhat clumsy.
 
  • Like
Reactions: ZeroDay, Al-Faqir, Andrew999 and 15 others
kiric96

kiric96

Level 19
Verified
Well-known
Jul 10, 2014
917
Lord Ami said:
Hello all!
Quoting F-Secure team member
.
Click to expand...

Do you have the original post where thay talk about it, i was searching for it today and i could not find it :/ and yes it seems that the whole module is now from avira, i wonder if at the end it may decrease the detection rate.


Lord Ami said:
I can comment that signature updates are way faster now, thanks to Avira's sigs being smaller and some of them offloaded to cloud. That's a good in my opinion - BD signature updates have always been somewhat clumsy.
Click to expand...

errr, from what i know bitdefender adds signature every couple of hours (may be each 1 or 2 hours) in the case of avira (and checking with f-secure) they seem to release less signatures per day, as of right now the capricorn module shows that only 6 packages of signature have been rolled out, where in the case of bitdefender that count may double (10+ package signature)
1541204561432.png

PDT: like the new screen they added
1541204511460.png
 
Last edited:
  • Like
Reactions: vtqhtr413, tonibalas, Der.Reisende and 1 other person
Lord Ami

Lord Ami

Level 21
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 14, 2014
1,036
gricardo21 said:
Do you have the original post where thay talk about it, i was searching for it today and i could not find it :/ and yes it seems that the whole module is now from avira, i wonder if at the end it may decrease the detection rate.
Click to expand...

Here you go: Re: FS Protection PC 17.5 releases - Page 3 - F-Secure Community - 111694

gricardo21 said:
errr, from what i know bitdefender adds signature every couple of hours (may be each 1 or 2 hours) in the case of avira (and checking with f-secure) they seem to release less signatures per day, as of right now the capricorn module shows that only 6 packages of signature have been rolled out, where in the case of bitdefender that count may double (10+ package signature)
View attachment 200742

PDT: like the new screen they added
View attachment 200741
Click to expand...
True: VDF History
I kept eye on it and FS beta was kept up to date (maybe some minutes delay - but it was updated according to Avira VDF releases).
They also seem to be using Avira's cloud to some extent. From my test you can see that one of the detections was APC/Heur.
APC = Avira Protection Cloud.

Furthermore I tested the same pack with Avira and many of the TR/ etc detections had actually "Cloud" after them (static scan). So it's definitely interesting to see where it leads :)
 
  • Like
Reactions: ZeroDay, Nightwalker, vtqhtr413 and 7 others
Lord Ami

Lord Ami

Level 21
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 14, 2014
1,036
Lockdown said:
The reason F-Secure would transition to Avira's scanner is due to the high false positives of the F-Secure scan technology.
Click to expand...
I can not speak on behalf of FS but as I understand, they still include their own engines (Hydra and Virgo). Thus the scanner technology is more or less the same (except BD sigs). I doubt Bitdefender was the source of the FPs - it should be DeepGuard which blocked "rather rare" files that belonged to legit software or otherwise flagged legitimate files because of their behaviour.
I had this similar issue some months ago, but now the situation seems to be much improved (as reflected in ... khm, tests).

However, I do not know the technical side of the scanner engine. I could be wrong.

My 2 cents (and experience with it - for over a year).
 
  • Like
Reactions: vtqhtr413, tonibalas, silversurfer and 3 others
5

509322

Lord Ami said:
I can not speak on behalf of FS but as I understand, they still include their own engines (Hydra and Virgo). Thus the scanner technology is more or less the same (except BD sigs). I doubt Bitdefender was the source of the FPs - it should be DeepGuard which blocked "rather rare" files that belonged to legit software or otherwise flagged legitimate files because of their behaviour.
I had this similar issue some months ago, but now the situation seems to be much improved (as reflected in ... khm, tests).

However, I do not know the technical side of the scanner engine. I could be wrong.

My 2 cents (and experience with it - for over a year).
Click to expand...

Then the next logical reason is Avira gave them a better deal.
 
  • Like
Reactions: ZeroDay and Lord Ami
kiric96

kiric96

Level 19
Verified
Well-known
Jul 10, 2014
917
Lord Ami said:
Here you go: Re: FS Protection PC 17.5 releases - Page 3 - F-Secure Community - 111694


True: VDF History
I kept eye on it and FS beta was kept up to date (maybe some minutes delay - but it was updated according to Avira VDF releases).
They also seem to be using Avira's cloud to some extent. From my test you can see that one of the detections was APC/Heur.
APC = Avira Protection Cloud.

Furthermore I tested the same pack with Avira and many of the TR/ etc detections had actually "Cloud" after them (static scan). So it's definitely interesting to see where it leads :)
Click to expand...

Have you done these test without internet? by the way, do anyone knows if in the normal version of f-secure they still include BD engine? (fs-safe)
 
  • Like
Reactions: vtqhtr413, upnorth and Der.Reisende
Lord Ami

Lord Ami

Level 21
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 14, 2014
1,036
gricardo21 said:
Have you done these test without internet? by the way, do anyone knows if in the normal version of f-secure they still include BD engine? (fs-safe)
Click to expand...
Normal still uses BD.

I've not done it without internet connection. I'll might as well do it with the next pack. Just for the sake of testing :)
 
  • Like
Reactions: vtqhtr413, silversurfer, upnorth and 1 other person
kiric96

kiric96

Level 19
Verified
Well-known
Jul 10, 2014
917
Lord Ami said:
Normal still uses BD.

I've not done it without internet connection. I'll might as well do it with the next pack. Just for the sake of testing :)
Click to expand...
let me know the results :D I guess that AVC is embedded into their security cloud as they use the same signature, it makes sense for me. I wonder why they never put bitdefender cloud into their own engine.
 
  • Like
Reactions: vtqhtr413, upnorth and Der.Reisende
Mariihh

Mariihh

Level 3
Verified
Well-known
Mar 30, 2018
139
F-Secure realized the dream of avira lovers, who always asked for changes (new interface and a BB), but were never heard, simplifying, F-secure became what would be the ideal avira, with a good interface, lightness, and an acting blocker of behavior, In addition to the signatures (Avira and its own engine). F-Secure Point (y)
 
  • Like
Reactions: DDE_Server, Andrew999, OhioRebel and 7 others

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
App Review F-Secure Internet Security v19.5
Replies
24
Views
2,246
Video Reviews - Security and Privacy
zidong
zidong
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review F-Secure TOTAL 2024
Replies
30
Views
4,266
Video Reviews - Security and Privacy
Shadowra
Shadowra
Anthony Qian
    • Like
    • Applause
    • +Reputation
App Review F-Secure SAFE 18.2
Replies
60
Views
12,772
Written Reviews - Security and Privacy
Sorrento
Sorrento

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top