AVLab.pl March 2021 - Advanced In The Wild Malware Test

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Adrian Ścibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
173
Hello Readers!

As you know we prepared security review bimonthly. In the latest review we used 1155 malware samples. Results from that comparison has been published two days ago: Publications - AVLab
More details with samples detection you can find on website Recent Results - AVLab
 

Attachments

  • march results.png
    march results.png
    81.5 KB · Views: 132

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,004
Thanks for the report. It would be interesting to include Trend Micro. Its results in the AVLab and AV-Comparatives Malware Protection tests were very poor. On the contrary, it scores very well (for a long time) in AV-Test Malware Protection tests (0 missed samples in the period 2019-2021). AVLab includes the malware hashes, so it can be helpful to understand why Trend Micro can have such different results in different tests.

I think that the results of Panda (2 missed samples per 1155 total samples) can hardly be differentiated from other results due to statistical errors.:unsure:
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,004
Norton Sonar did quite well (y)
Norton can do very well in all such tests, because it uses a combination of Sonar and Norton Insight (reputation service in the Cloud). Norton Insight is similar in idea to Windows SmartScreen Application Reputation but more comprehensive (does not need MOTW, can block loaded DLLs). Malicious executables (EXE, DLL, etc.) have low prevalence and poor reputation so they are blocked. If the non-executable file tries to download/drop/execute the executable payload, then it is checked against the file reputation backend and will be blocked too. Due to using a file reputation Norton has one of the higher false positives rates.
Anyway, Norton's protection can be bypassed via fileless attacks that do not use malicious executable files.
 

Adrian Ścibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
173
Testing some home products beside free & paid Avs along Business product:unsure:

Methodology is the same for both. As you can read in previous reports we test only a few business products. There is no need to create a separate report (my opinion). However I consider your post. Could be useful when we start test additional business products in this series of testing.
 

Zorro

Level 9
Verified
Well-known
Jun 11, 2019
402
Hello Readers!

As you know we prepared security review bimonthly. In the latest review we used 1155 malware samples. Results from that comparison has been published two days ago: Publications - AVLab
More details with samples detection you can find on website Recent Results - AVLab
It is surprising that among the tested antiviruses there are no such popular ones as Kaspersky and Eset. 😯
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top