AVLab.pl March 2021 - Advanced In The Wild Malware Test

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,144
Thanks for the report. It would be interesting to include Trend Micro. Its results in the AVLab and AV-Comparatives Malware Protection tests were very poor. On the contrary, it scores very well (for a long time) in AV-Test Malware Protection tests (0 missed samples in the period 2019-2021). AVLab includes the malware hashes, so it can be helpful to understand why Trend Micro can have such different results in different tests.

I think that the results of Panda (2 missed samples per 1155 total samples) can hardly be differentiated from other results due to statistical errors.:unsure:
 

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,144
Norton Sonar did quite well (y)
Norton can do very well in all such tests, because it uses a combination of Sonar and Norton Insight (reputation service in the Cloud). Norton Insight is similar in idea to Windows SmartScreen Application Reputation but more comprehensive (does not need MOTW, can block loaded DLLs). Malicious executables (EXE, DLL, etc.) have low prevalence and poor reputation so they are blocked. If the non-executable file tries to download/drop/execute the executable payload, then it is checked against the file reputation backend and will be blocked too. Due to using a file reputation Norton has one of the higher false positives rates.
Anyway, Norton's protection can be bypassed via fileless attacks that do not use malicious executable files.
 

Adrian Ścibor

From AVLab.pl
Verified
Apr 9, 2018
56
Testing some home products beside free & paid Avs along Business product:unsure:

Methodology is the same for both. As you can read in previous reports we test only a few business products. There is no need to create a separate report (my opinion). However I consider your post. Could be useful when we start test additional business products in this series of testing.
 

SFox

Level 5
Verified
Jun 11, 2019
217
Hello Readers!

As you know we prepared security review bimonthly. In the latest review we used 1155 malware samples. Results from that comparison has been published two days ago: Publications - AVLab
More details with samples detection you can find on website Recent Results - AVLab
It is surprising that among the tested antiviruses there are no such popular ones as Kaspersky and Eset. 😯
 
Top