Modern protection without signatures – comparison test on real threats (Advanced In The Wild Malware Test)
<blockquote data-quote="Andy Ful" data-source="post: 977545" data-attributes="member: 32260">
<p>You should not be disappointed. Most of the tested samples are not the initial malware, but payloads. So, this test does not show what the chances of being infected are in the home environment. It is more appropriate for showing how successful lateral movement would be in an already compromised business network. In the case of Defender, it is clear that on default settings it is not the best solution. This is not a surprise because the default settings are intended by Microsoft for the home environment (no lateral movement).</p>
<p>Similar results can be seen in the older tests made by MRG Effitas (years 2018 and 2019) where Defender was tested on default settings. In the more recent MRG Effitas tests, Defender uses advanced settings (including ASR rules), so the results are very good:</p>
<p></p>
<p><strong>MRG Effitas tests </strong><span style="color: rgb(41, 105, 176)">360° Assessment & Certification</span><strong>.</strong></p>
<p></p>
<p>Missed samples in the tests Q1-Q4 of the year 2021 (In the wild 360, PUA, Financial, Ransomware + Exploit & Fileless)</p>
<p>Symantec = 2 + 1e</p>
<p>Avast = 4 + 1e</p>
<p>Malwarebytes = 2 + 5e</p>
<p>Bitdefender = 6.5 + 0e</p>
<p>Microsoft = 6.5 + 4e</p>
<p>Sophos = *11 + *0e (* included an averaged result for Q4 2021)</p>
<p>ESET = 13 + 0e</p>
<p>F-Secure = 17.5 + 0e (many missed PUA)</p>
<p>Avira = 64.5 + 4e</p>
<p>Trend Micro = 114 + 9e</p>
<p></p>
<p>Exploit & Fileless - missed samples in the last 2 years (Q4 2019 - Q4 2021)</p>
<p><strong>Bitdefender: 0e</strong></p>
<p><strong>ESET: 0e</strong></p>
<p><span style="color: rgb(0, 168, 133)"><strong>F-Secure: 4e</strong></span></p>
<p><span style="color: rgb(0, 168, 133)"><strong>Microsoft: 6e</strong></span></p>
<p><span style="color: rgb(0, 168, 133)"><strong>Symantec: 6e</strong></span></p>
<p><span style="color: rgb(0, 168, 133)"><strong>Avast: 7.5e</strong></span></p>
<p>Trend Micro: 18e</p>
<p>Avira: 16e</p>
<p></p>
<p>Due to a small number of Exploit & Fileless samples, I used a period of about 2 years (9 tests).</p>
</blockquote>