HOME ANTI- MALWARE PROTECTION JUL - SEP 2018

[Nightwalker]

Normal end user doesn't need these features at all..Because they never work!
If u clearly examine, Eset was vulnerable to all the ransom attacks during outbreak!
Though they claim they blocked WC through firewall eternal blue ..Even that's a signature based update..Their Uefi scanner god should know!
How would I expect these features from a vendor to work who cannot just come up
with a BB
Moreover Avast , Quick heal , G data all these guys are better over eset in every part since they have balanced protection..But these results are just opposite
If I remember correctly Nss labs sued some vendors claiming to influence the tests and results, Eset Avira McAfee were in that list!
Nothing against Eset, but facts should be out right !

These arent facts, it is just your opinion.

Example of Ransomware being stopped proactively:
ETERNALBLUE vs Internet Security Suites and nextgen protections - MRG Effitas (WannaCry)

ESET has many zero day protection modules (In-product Sandbox, Network Attack Protection, Behavioral Detection and Blocking, Exploit Blocker, Botnet protection) and along with Kaspersky the best heuristic in the market.


Refer to this if you want to know more:
https://cdn1.esetstatic.com/ESET/INT/Docs/Others/Technology/ESET-Technology-2017.pdf

 

[Burrito]

Trend is a long story.

1) Talent lost when the fusion with Booz Allen took place, and some disagreement from talent about the militarization of it.
2) Focus on HES AI and BEC systems, HES is a cash cow for Trend, so it's smart they put a lot of R&D into the BEC and AI systems.
3) Deprecation of Worry Free+Home lines in favor of the new Apex offering coming soon. So the R&D is going strong into their XGen offering which won't share the same underpinnings of Worry Free/Maximum Security, which still shares lineage with PC-Cillan.

All of those played into the decline lately. Trend is largely moving to their Apex Suite which will render their Worry Free and Maximum Security almost totally obsolete. Apex should put Trend at the top again, but expect some further declines in their normal offerings as the full force of their development teams move to that lineup (SaaS).

PS: I am still around, but certain changes in my career have required a much lower profile out and about. So I limit my exposure to a greater degree these days.

Good info. I had not heard that Trend was developing a new product, Apex. I'll be interested in checking that out when it comes out.

And.... very good (I assume) -- on the changes in your career. Sounds like you may be 'in the game' (just a guess) -- a part of the community that I'm in. When you're in DC next, stop by and we'll go get a beer. Cheers.

 

[Burrito]

These aren't facts, it is just your opinion.

Example of Ransomware being stopped proactively:
ETERNALBLUE vs Internet Security Suites and nextgen protections - MRG Effitas (WannaCry)

ESET has many zero day protection modules (In-product Sandbox, Network Attack Protection, Behavioral Detection and Blocking, Exploit Blocker, Botnet protection) and along with Kaspersky the best heuristic in the market.

Refer to this if you want to know more:
https://cdn1.esetstatic.com/ESET/INT/Docs/Others/Technology/ESET-Technology-2017.pdf

Yes, I was thinking similarly.

Nightwalker is correct -- as he usually is.

 

[ForgottenSeer 72227]

These arent facts, it is just your opinion.

Example of Ransomware being stopped proactively:
ETERNALBLUE vs Internet Security Suites and nextgen protections - MRG Effitas (WannaCry)

ESET has many zero day protection modules (In-product Sandbox, Network Attack Protection, Behavioral Detection and Blocking, Exploit Blocker, Botnet protection) and along with Kaspersky the best heuristic in the market.


Refer to this if you want to know more:
https://cdn1.esetstatic.com/ESET/INT/Docs/Others/Technology/ESET-Technology-2017.pdf

^^This

 

[Mahesh Sudula]

These arent facts, it is just your opinion.

Example of Ransomware being stopped proactively:
ETERNALBLUE vs Internet Security Suites and nextgen protections - MRG Effitas (WannaCry)

ESET has many zero day protection modules (In-product Sandbox, Network Attack Protection, Behavioral Detection and Blocking, Exploit Blocker, Botnet protection) and along with Kaspersky the best heuristic in the market.


Refer to this if you want to know more:
https://cdn1.esetstatic.com/ESET/INT/Docs/Others/Technology/ESET-Technology-2017.pdf

Great to see ..But do not make yourself convinced with out knowing the fact|!
Have a look at below video how smart Eset is .
CVE stands for Common Vulnerability and exposures list which consists of signature based network attacks by their firewalls..It is manually a written signature not some sort of next gen technology.
All network attacks comes under CVE list and Eset just blocks manually made threat CVe identifier from their firewall though this is not guaranteed to all W Cry variants.
I have pretty large experience with Eset products ..So I do have Evidence for what I talk.
I could not expect block nothing more than signatures with W cry except Norton, Dr Web, F secure-> so the above lab results reflect their quality

 

[ForgottenSeer 55474]

Hello,where is Bitdefender?

 

[Nightwalker]

Great to see ..But do not make yourself convinced with out knowing the fact|!
Have a look at below video how smart Eset is .
CVE stands for Common Vulnerability and exposures list which consists of signature based network attacks by their firewalls..It is manually a written signature not some sort of next gen technology.
All network attacks comes under CVE list and Eset just blocks manually made threat CVe identifier from their firewall though this is not guaranteed to all W Cry variants.
I have pretty large experience with Eset products ..So I do have Evidence for what I talk.
I could not expect block nothing more than signatures with W cry except Norton, Dr Web, F secure-> so the above lab results reflect their quality

So what? Next gen is usually just a buzzword, what matters is that different from what you said ("Eset was vulnerable to all the ransom attacks during outbreak" ), the ESET solution proactively protected the system against a major ransomware outbreak.

IPS protection is usually very efficient because unlike the payload, the elements of the attack remains in a obvious way (unless you employ some obfuscation techniques).

Anyway I am done with the offtopic, the facts are there to anyone see.

 

[vtqhtr413]

2.5 Target System details

The Target Systems are identical Windows systems specified as below.

Each system is disconnected from the internet and is isolated from other Target Systems using Virtual Local Area Networks (VLANs).
Each system runs Windows 7 (64-bit), updated with security patches available up to Service Pack 1.
Popular but vulnerable third-party applications installed include Adobe Flash Player, Adobe Reader, Apple QuickTime and Oracle Java (32-bit).
If a security product requires an updated file from Microsoft the tester will install the necessary file.
Products run with the default settings. Additional logging may be enabled if requested by the vendor of the product in question. Vendors of business software are invited to make configuration recommendations.
All products are deployed with the appropriate state and/ or version according to the time period being simulated in the test.

2.6 Target System specification

Specification: Virtualised; 4GB RAM


Q&A

Q I am a security vendor. How can I include my product in your tests?

A Please contact us at info@SELabs.uk. We will be happy to arrange a phone call to discuss our methodologies and the suitability of your product for inclusion.

Q I am a security vendor. Does it cost money to have my product tested?
A We do not charge directly for testing products in public tests. We do charge for private tests.

Q What is a partner organisation? Can I become one to gain access to the threat data used in your tests?
A Partner organisations support our tests by paying for access to test data after each test has completed but before publication. Partners can dispute results and use our award logos for marketing purposes. We do not share data on one partner with other partners. We do not currently partner with organisations that do not engage in our testing.

Q So you don’t share threat data with test participants before the test starts?
A No, this would bias the test and make the results unfair and unrealistic.

Q I am a security vendor and you tested my product without permission. May I access the threat data to verify that your results are accurate?
A We are willing to share small subsets of data with non-partner participants at our discretion. A small administration fee is applicable.

 

[shmu26]

I just emailed them:

Could you please share the specific settings and configuration of the various products tested in the most recent Home Anti-Malware Protection report?
We can't effectively evaluate the results without knowing the customized settings that were applied.

And this is their answer:

RE: SE Labs - Contact Form
Inbox
x

Simon Edwards <**@selabs.uk>

3:55 PM (24 minutes ago)

to me

Hi Shmu,


For consumer products the configurations are the default, as installed with no changes/ customisations. Things are different for the business products.

Best wishes,
Simon

From: SE Labs <no-reply@selabs.uk>
Sent: 30 October 2018 10:15
To: Simon Edwards <**@selabs.uk>
Subject: SE Labs - Contact Form

This message has been sent from SE Labs contact form.
Message information:
From: Shmu
E-mail: **@gmail.com

Message: Could you please share the specific settings and configuration of the various products tested in the most recent Home Anti-Malware Protection report? We can't effectively evaluate the results without knowing the customized settings that were applied.

 

[Andy Ful]

They should correct the APPENDIX B: FAQs section in the consumer report (page 16). It contains a point that is somewhat misguiding:
"All products were configured according to each vendor’s recommendations, when such recommendations were provided."

 

[509322]

They should correct the APPENDIX B: FAQs section in the consumer report (page 16). It contains a point that is somewhat misguiding:
"All products were configured according to each vendor’s recommendations, when such recommendations were provided."

They probably used a report template to create the report. And missed that part about using custom configurations in the Appendix B.

 

[jetman]

I like the way SE Labs present their reports. It makes a good alternative to the better known AV testing labs.

They used to test Bitdefender but don't seem to do that any more. Although Bitdefender was normally shown to be a good product, there were one or two ocassions where it performed relatively badly. I wonder if Bitdefender has since withdrawn permission for them to test it ?

Kaspersky, Norton and Windows Defender were the only products offering 100% protection. Having looked at testing reports over a long period of time, Kaspersky and Norton always seem to perform well. They are not always the very top products, but are consistently good. Thats's why I would only consider buying those brands.

Windows Defender has been performing well recently, but that wasn't always the case. I think the weakness of that product is that it is built into the Windows operating system and therefore probably most vulnerable to attack.

 

[509322]

Kaspersky, Norton and Windows Defender were the only products offering 100% protection.

Only in the specific tests using the specific samples.

Otherwise, all can be bypassed.

 

[Burrito]

Kaspersky, Norton and Windows Defender were the only products offering 100% protection. Having looked at testing reports over a long period of time, Kaspersky and Norton always seem to perform well. They are not always the very top products, but are consistently good. Thats's why I would only consider buying those brands.

Windows Defender has been performing well recently, but that wasn't always the case. I think the weakness of that product is that it is built into the Windows operating system and therefore probably most vulnerable to attack.

Agree. Over 1, 5, and even 10 years, the top consistent performers are Kaspersky, Norton, and Bitdefender. I've watched all the different tests... and that is how it falls out. Other AVs come and go.... but those are the three overall top performers. Of course, the tests reflect standard AV settings and there are inherent limitations of some types of testing. So testing does not factor in things like Comodo with CS settings, or the addition of other capabilities that may work with some AVs, but not others.

Each of those three top AVs has their advantages and disadvantages. I've tried all of them. If one has a simple set-up, selecting one of those AVs is a good start. Once you start adjusting settings and mix in other capabilities.... then it's a whole different deal..

 

[shmu26]

Agree. Over 1, 5, and even 10 years, the top consistent performers are Kaspersky, Norton, and Bitdefender. I've watched all the different tests... and that is how it falls out. Other AVs come and go.... but those are the three overall top performers. Of course, the tests reflect standard AV settings and there are inherent limitations of some types of testing. So testing does not factor in things like Comodo with CS settings, or the addition of other capabilities that may work with some AVs, but not others.

Each of those three top AVs has their advantages and disadvantages. I've tried all of them. If one has a simple set-up, selecting one of those AVs is a good start. Once you start adjusting settings and mix in other capabilities.... then it's a whole different deal..

Norton took a big dip in the middle. It was good 10 years ago, and it is good now, but in between it was meh.
Kaspersky and Bitdefender are more consistently strong over the years, IMO.