Microsoft Defender is Microsoft's free antivirus software, included since Windows 8.
It offers a comprehensive solution—antimalware, firewall, web protection (via Edge), etc.
In this test, we will add AIDefender, a new product that is designed to enhance protection through various advanced features.
Let's take a look!
Interface:
We won't dwell on MS Defender, which we are familiar with, but rather on AIDefender.
The product features an attractive interface with several options. Their AI, Helios, can quickly scan your computer for threats, guide you through the configuration (which is very comprehensive), block LOLBins via the firewall, etc.
A job well done!
Web protection: 8/9
MS Defender missed one URL (CobaltStrike) and one URL was a false positive.
The rest were blocked correctly.
Fake crack: N/A
The sample is too old and the site that distributed it was down.
Skipped.
Malware Pack: 30 threats remaining out of 143
There are a few things to mention:
Firstly, I noticed a decline in script detection on Microsoft Defender. Although it can block the payload afterwards, Microsoft has accustomed me to better blocking capabilities.
Although the software still holds up, it's worth noting that the addition of AI Defender has been beneficial, as the machine has come close to being infected several times by some fairly aggressive RATs.
Nevertheless, neither MS Defender nor AI Defender was able to block other fairly virulent RATs, such as ConnectWise or GoToResolve, which are often used legally but can be hijacked by hackers, contributing to the infection of the machine.
At the end of the test (and a surprise restart), several pieces of malware did not launch, but traces of them remained.
Final scan:
MS Defender: 0
AI Defender (Helios): 3
NPE: 5
KVRT: 15
Final opinion:
Overall, the results are good, but I'm quite disappointed with the Microsoft Defender scan; I expected better.
AI Defender is a good, versatile ally that will help and guide the user.
Of course, the machine is infected, and MS Defender was unable to block legitimate RATs that have been hijacked by hackers (such as ConnectWise), but the machine can be saved.
@Trident request