MRG Effitas 360 Assessment Quarter 4

  • Thread starter ForgottenSeer 55778
  • Start date
F

ForgottenSeer 55778

Thread author
Once again, Kaspersky tops the lot, with Trend Micro in second and Avast in third. Avast has apparently made a huge leap after the integration of AVG technologies and signatures. However, the benefit was apparently not reciprocated for AVG. :rolleyes:

Disclaimer: Interpret these results as you want. It is usually good to look at multiple testing sources before coming to a conclusion. Our own Malware Hub is an exceptional place for unbiased testing.
 
5

509322

Thread author
Such tests are only accurate as a detection test - if that's what is important to you - and only with the specific samples used in the test.

The best indicator is consistently high performance over an extended period of time. So for the best idea of detection capabilities, look back through the test records as far back as you can find them, from all the various labs and test sources, and then make comparisons.
 
Last edited by a moderator:

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
LOL Sorry but 100% ransomware detection by Trend Micro... :D
Probably I've lost something since the company where I work has been infected by Cryptolocker (or similar I don't know) & Co. for three or four times in these months.
They use TM Worry Free.
 
5

509322

Thread author
LOL Sorry but 100% ransomware detection by Trend Micro... :D
Probably I've lost something since the company where I work has been infected by Cryptolocker (or similar I don't know) & Co. for three or four times in these months.
They use TM Worry Free.

The test results are only valid for the specific samples used in the test. The results are not an indication nor guarantee of generic ransomware detection or blocking.

Good or bad results in such a limited test are not something to get too overly excited or concerned about. Things change with time. Things change with different sample sets. Some are better than others. A review of test results over an extended period of time are the best indicator.
 
Last edited by a moderator:
5

509322

Thread author
I have to check it again with more attention...But Trend with high (static) detection is really "weird"...then, 100% Ransomware detection for many AV? Really?... Doesn't seem to be like that in the HUB...:confused:

The test is only valid for the specific samples used in the test. The results are not an indicator nor guarantee of generic ransomware detection and blocking.
 
  • Like
Reactions: vemn

Piteko21

Level 18
Verified
Top Poster
Well-known
Sep 13, 2014
874
Big players such as Kaspersky, Bitdefender, Eset, Avast, Avira and Panda are 'safe values' in security concerns.
Despite not trust in this tests at 100%, I admit that they are useful to form an general opinion.
In the oder hand, someone can explain what f*** happen to AVG to score soo low (in signatures detections)...AVG, you never learn...
 
  • Like
Reactions: tonibalas and vemn

vemn

Level 6
Verified
Malware Hunter
Well-known
Feb 11, 2017
264
Taking with a pinch of salt.
Agree with @Lockdown that the samples doesn't represents generic detections of ransomware variants.

Actually my first thought is, are all selected products of the same "grade" or baseline for consumer level? For example, Trend Micro Maximum security was chosen instead of its Internet Security 2017. Or Norton Security instead of Norton Internet Security.
Or maybe it doesn't matter in terms of the engines being tested. I don't know. Just thinking out loud.

(Please pardon my limited knowledge and do correct me as I'm still learning)
 
  • Like
Reactions: _CyberGhosT_
5

509322

Thread author
Taking with a pinch of salt.
Agree with @Lockdown that the samples doesn't represents generic detections of ransomware variants.

Actually my first thought is, are all selected products of the same "grade" or baseline for consumer level? For example, Trend Micro Maximum security was chosen instead of its Internet Security 2017. Or Norton Security instead of Norton Internet Security.
Or maybe it doesn't matter in terms of the engines being tested. I don't know. Just thinking out loud.

(Please pardon my limited knowledge and do correct me as I'm still learning)

I don't know why that Norton is specified as Symantec Norton Security. Norton Antivirus and Internet Security were renamed\rebranded Norton Security with different levels like Standard, Deluxe and Premium to differentiate the products.
 

vemn

Level 6
Verified
Malware Hunter
Well-known
Feb 11, 2017
264
I don't know why that Norton is specified as Symantec Norton Security. Norton Antivirus and Internet Security were renamed\rebranded Norton Security with different levels like Standard, Deluxe and Premium to differentiate the products.

Ah icic. Thanks for the clarification.
I'll save my brain cells to think if it's a fair test.
 

DracusNarcrym

Level 20
Verified
Top Poster
Well-known
Oct 16, 2015
970
Out of all these so-called independent testers, I would only trust Matousec, to be honest.

Haven't heard about them in a while. :/

(Matousec does put Kaspersky among the top security solutions as well)
 
5

509322

Thread author
Out of all these so-called independent testers, I would only trust Matousec, to be honest.

Haven't heard about them in a while. :/

(Matousec does put Kaspersky among the top security solutions as well)

Matousec is obsolete - and it's a defunct project. Besides it was nothing more than a synthetic HIPS test. It provided data to consider, but I wouldn't pin everything on those tests alone.
 
5

509322

Thread author
Take these tests for what they are. A scan followed by execution of what wasn't identified as malicious by the initial scan. Upon execution some softs will do a cloud lookup - that just might be a simple reputation query or do some behavioral analysis. After the local behavioral stuff kicks-in.

Default settings are used. These tests aren't full pen-tests against the tested products. They're basic assessments of default protections.

Don't over-think it.
 
Last edited by a moderator:
  • Like
Reactions: vemn

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
The test results are only valid for the specific samples used in the test. The results are not an indication nor guarantee of generic ransomware detection or blocking.

Good or bad results in such a limited test are not something to get too overly excited or concerned about. Things change with time. Things change with different sample sets. Some are better than others. A review of test results over an extended period of time are the best indicator.
Of course you are correct, being a huge malware DB (there are millions of malware variants), who create these tests has to choose a limited number of malware in testing, but statistically representative: new threats and known threats.

But the selection criteria of the various categories are extremely complex.
For example, it is possible to test an antivirus against a higher number of threats, even if in reality they are not very popular and therefore there is little probability that the real user can become infected. Or you can select the threats, which constitute the majority of the causes of infections for common users.

Also by understanding what are the potentially most viral threats may change scenario due to many variables, for example, there are huge differences in the spread of infections on geographical level.
The tests can vary a lot by depending on the parameters chosen by who performs the test, and thus the results may change when you are testing the same malware in different tests.
Frequently it happens that an antivirus program will obtain an excellent result in a test, and mediocre in others.
So these tests may show a statistically correct evaluation of a product, but when the user sees the full green line in the chart with 100% detections, the subliminal message is clear but the reality may be different.

That's why I don't believe in these tests, technically correct, but the evaluation factors are limited to the perimeter of the test.
 
  • Like
Reactions: vemn

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top