Advice Request Is Trend Micro antivirus popular?


artek

Level 5
Verified
May 23, 2014
236
Now that HitmanPro.Alert and Sophos are very much linked, I have reason to believe that they may be using the same set of cloud services as a base.
I tested HMPA first because we had the license in hand. Then, about an hour later, after I borrowed a copy of Sophos Home from someone else, I found that the C2 server used in the previous test had been pulled by Sophos, suggesting ATK/CC. Because the C2 server in the test had just been installed by me that day, and there was no real target to attack, I believe that was HMPA intercepting the attack and immediately generating a response in the Sophos cloud.
That's why there is no Sophos Home in the results.
Now I'm very curious how many of the blocks were from the built-in anti-malware via Sophos cloud vs. HitmanPro Alert proactive mechanisms.
 

ShenguiTurmi

Level 3
Well-known
Feb 28, 2023
128
Now I'm very curious how many of the blocks were from the built-in anti-malware via Sophos cloud vs. HitmanPro Alert proactive mechanisms.
Unfortunately, I have not recorded this specific data. If you want to see screenshots, I can attach them, but none of the screenshots have "Technical Details" clicked.
 

ShenguiTurmi

Level 3
Well-known
Feb 28, 2023
128
I'd love to see the screenshots.
Here it is.
You may have noticed that there are endpoints infected and online in cobaltstrike; that's because someone else is testing other security software. It's not this test VM with HMPA; HMPA blocked all attacks.
[Attached screenshots: 8-1.png through 8-10.png]

If you are still interested in a screenshot of one of the security software products we tested, please let me know and I will attach it (but it's not practical to post 450 screenshots at once, so I can only provide the 10 screenshots of the corresponding software when you are interested). ;)
 

artek

Level 5
Verified
May 23, 2014
236
Thank you! I think you've posted most of the ones I'm interested in seeing already but I appreciate the effort.

The HitmanPro Alert detections from your test seem like proactive detections using one of Alert's Risk Reduction (Credential Theft Protection, Process Protection) or Anti-Exploit mechanisms. I can't read the text, so I can't say that with 100% certainty, but when we look at @Shadowra's test of HMP.A's ransomware protection, cloud anti-malware detections look quite different:

[Attached image: Malware.jpg]


It's neat that they're taking those proactive detections from your test and sharing them with other Sophos products in the cloud.
 

ShenguiTurmi

Level 3
Well-known
Feb 28, 2023
128
Thank you! I think you've posted most of the ones I'm interested in seeing already but I appreciate the effort.

The HitmanPro Alert detections from your test seem like proactive detections using one of Alert's Risk Reduction (Credential Theft Protection, Process Protection) or Anti-Exploit mechanisms. I can't read the text, so I can't say that with 100% certainty, but when we look at @Shadowra's test of HMP.A's ransomware protection, cloud anti-malware detections look quite different:

[Attached image: Malware.jpg]

It's neat that they're taking those proactive detections from your test and sharing them with other Sophos products in the cloud.
The text is:
Intercepted attacks
"xxx" has been terminated to prevent the execution of malicious code.
Please check your computer for malware and software updates.
 