It makes sense to keep SmartScreen enabled for WD but not for other AV. So AVC probably disable that too for other products. Maybe Panda blocks everything unknown that's downloaded over internet which results in more blocks but high false positives.
Video League of Antivirus - Panda Dome Free Antivirus 20.00.00 vs Malicious URLs, Phishing URLs, Malware Samples and LoAV SCORE
- Thread starter JoeN
- Start date
It has a component in the paid version that works same like Avast hardened mode. If you try to run something unknown to Panda, it will ask you whether you allow that and will recommend that you click on “don’t run”. The issue when I tried this was that almost everything is unknown
It also doesn’t give you an explanation why you shouldn’t run it.
Maybe not enough user use it to have better reputational data. Do they publish any number about the number of users they have? They are from Spain so I guess they have quite a few there but what's the overall number?It has a component in the paid version that works same like Avast hardened mode. If you try to run something unknown to Panda, it will ask you whether you allow that and will recommend that you click on “don’t run”. The issue when I tried this was that almost everything is unknown
It also doesn’t give you an explanation why you shouldn’t run it.
Here's Panda boasting about the AVC result on their blog. Though there's no mention of false positives number:
Panda Security does it again: 100% detection in AV-C's Real-World Test
Panda Security blocks 100% of threats in AV-Comparatives' Real-World test, which examines security suites in realistic scenarios.
www.pandasecurity.com
They claim they have about 40 or 50 millions of users, on their website. They have some huge customers, such as Telefonica (Spanish Telecom, present in the UK as well, under O2 name). They are not extremely popular, but outdated mechanisms for data collection and processing might actually be the reason behind their low success.Maybe not enough user use it to have better reputational data. Do they publish any number about the number of users they have? They are from Spain so I guess they have quite a few there but what's the overall number?
Here's Panda boasting about the AVC result on their blog. Though there's no mention of false positives number:
Panda Security does it again: 100% detection in AV-C's Real-World Test
Panda Security blocks 100% of threats in AV-Comparatives' Real-World test, which examines security suites in realistic scenarios.
I used Panda for some time a few years ago and only had minor issue with false positives, even though I was regularly downloading PUPs and lesser known software. Its behaviour blocker, never blocked anything either.
Does it require MOTM for blocking unknown exe files? Were you downloading via browser or other download managers?
I mean I'm just trying to understand how come they achieve that 100% detection while literally no one says that it's a good AV.
It uses similar approach to Norton, that's why they had a product called "Panda Cloud Antivirus". In fact, Panda was the first one to start using "Collective Intelligence" back in 2006.
It doesn't require MOTW, but it doesn't have definitions either, just some hashes of prevalent malware (locally). Upon scanning it will calculate hash, send it to their server and get a result whether the file is safe or not. The server probably doesn't deem brand new files safe and this is where their detection rate comes from. In addition, they partner with Cyren (you can find info on that if you Google them). They get threat intelligence from them and that's why they still manage to achieve good results.
I never managed to see their behavioural blocker in action though. More can be seen here: Cyber-Security and Technology - Panda Security
Their core technologies are not the worst, but it needs more users/telemetry and the whole software needs a serious redesign.
Hmm right. Basing detection based on hash only is a recipe for disaster. No wonder why it has such a high false positives. Every AV has some kind of hash based blocking system but that's for new threats which is known to them but they haven't pushed a signatures online/offline update yet. Panda also sucks at signatures. You'll almost never see it VT except for popular/older threats.
No, with the Panda Cloud Antivirus they stopped using signatures. They only use something like a local cache with prevalent malware hashes, for when you are offline. Other than that, it relies on the cloud. Trend Micro is more or less the same.
I see. Almost fully cloud dependent. Yes, Trend Micro also seem to detect a lot with hash which most of the time looks like a behavior blocking protection. Though it actually has a behavior blocker and it's pretty good unlike Panda which is non-existent.
It's like comparing the sun and the moon
Panda was amongst the first to add "proactive" approaches. TruPrevent was released quite early, on par with F-Secure DeepGuard in 2006. But nowadays I don't believe it's receiving the updates and attention it needs.
Similar threads
