Norton bad detection ratio on malware pack

[TheMalwareMaster]

Good evening, I recently watched again this Norton security 2015 review, and I'd like to ask why Norton is so good at web prevention but it hasn't a good detection ratio on the malware pack.

Source of review: ThePCSecurityChannel
-https://www.youtube.com/watch?v=Pyqq2xURHJk

 

[ravi prakash saini]

come on friend you are on MT ,now stop bothering about this type of so called test

 

[TheMalwareMaster]

Sorry if I did something wrong, Can you explain me why these kind of tests are not good to evaluate a product? Maybe for the number of samples?

 

[Ink]

Malware Pack testing is not a real world scenario, nor is it encouraged to base a product's rating from these types of test.

Here's a quote from another post of mine about Norton Smart Definitions. By default, Smart Definitions only contain Core definitions.

Complete - Contains all the virus definitions for each threat that is known to Symantec.
Core - Contains the most important virus definitions that are required for latest security threats as viewed by Symantec.

Thread: Disable Norton Smart Updates?

Please read Your Mouseclick Matters Guide by @Nico@FMA

 

[TheMalwareMaster]

Malware Pack testing is not a real world scenario, nor is it encouraged to base a product's rating from these types of test.

Here's a quote from another post of mine about Norton Smart Definitions. By default, Smart Definitions only contain Core definitions.


Please read Your Mouseclick Matters Guide by @Nico@FMA

Thank you for your explantions.. I realised It is impossible for a home user to grab all that malware

 

[Anupam]

Norton is an excellent product. I agree detection is less but SONAR engine is awesome.

 

[TheMalwareMaster]

Norton is an excellent product. I agree detection is less but SONAR engine is awesome.

Yes, I also agree with you about sonar

 

[thepierrezou]

They don't care about improoving their detection rate. They just wat people to be protected without using too much money.
Main things with Nroton are his SONAR, and firewall I think.

 

[Nightwalker]

They don't care about improoving their detection rate. They just wat people to be protected without using too much money.
Main things with Nroton are his SONAR, and firewall I think.

Not really, take a look here:

STAR Malware Protection Technologies | Symantec

Symantec STAR's budget is definitely not low.

 

[thepierrezou]

When I'm saying "without using too much money" it's because I think it cost a lot more to search and add SHA-1 to the database than making something like their Sonar. But of course they are using a lot of money to protect people.

 

[Rajat]

Norton is a cloud based security software & hence stores most of its signatures on cloud. These cloud signatures generally come into Play when you execute a file. Norton creates a small footprint of the file & upload it to norton's cloud server. The footprint is scanned on to the cloud & results are sent to Norton Security software working on your PC. Thus you cannot judge a cloud product on the detection rate obtained after doing a context menu scan on some samples.

 

[TheMalwareMaster]

Maybe i was misunderstood before. I was asking if all the test is a fine way to test a product (web prevention, scan malware pack and then execute the left-over files), not only the malware pack scan. I think it is, because it shows the ability of preventing a home user from downloading zero-day malware (web prevention), and of getting infected by files from external devices, like usb pendrives

 

[Rajat]

Maybe i was misunderstood before. I was asking if all the test is a fine way to test a product (web prevention, scan malware pack and then execute the left-over files), not only the malware pack scan. I think it is, because it shows the ability of preventing a home user from downloading zero-day malware (web prevention), and of getting infected by files from external devices, like usb pendrives

Although i'm a fan TPSC but i would say that you just can't judge a product based on his Tests. His methods are Fine but results will get easily reverse if he does another test on different Links & samples. If you wanna select a Product based on usability & Stability then go on for reading user reviews. If you wanna select a Product based on its Protection capabilities check out results of AV Comparatives or Virus Bulletin. Their results are based on multiple tests & on different varities of Samples.

 

[TheMalwareMaster]

Although i'm a fan TPSC but i would say that you just can't judge a product based on his Tests. His methods are Fine but results will get easily reverse if he does another test on different Links & samples. If you wanna select a Product based on usability & Stability then go on for reading user reviews. If you wanna select a Product based on its Protection capabilities check out results of AV Comparatives or Virus Bulletin. Their results are based on multiple tests & on different varities of Samples.

That's true, it all depends on the kind of samples that you are using to test: he doesn't always use all zero-day malware. The test may also change if you use some adware samples. I already take a look at Av test and Av comparatives results

 

[Ink]

I already take a look at Av test and Av comparatives results

Take these results with a grain of salt, or a bucket full. In some sense, they are testing products to destruction.

Most products score very well, but are heavily criticised by readers when they perform a few percent lower than the rest. For example, Product X1 scores 99% (aka "It's the best Antivirus") vs Product X2 scores 95% (aka "it sucks, it will let malware on your PC").

 

[Rajat]

Mostly i have seen Products like Avira, Bitdefender, Kaspersky & emsisoft scoring High in their Tests. These products apparently have satisfied their customers. Its not readers fault if they criticize the Products they use for performing poorly in these tests. Every user want's his Guard to be the best.

 

[CMLew]

I used to care about detection rate of an AV. So back in older days I went to Av-test site for comparison and see which one is the best. Every since coming to MT, I drop those ideas and move towards prevention.

I made a simple concept in my mind that if you can prevent it then why detect it.

So IMHO, getting an AV should be prioritised on what type of protection it offers rather than how high their detection rate.
If you have good detection rate AV but poor protection is pretty ineffective right?

 

[jamescv7]

That should not be a surprise at all, usually majority of users prefer those reviews as a 'main' point of reference however we should know where its concept are totally different and in the sense they are excel on other point which benefited on other way.

Norton may not be good on overall signature components however their cloud functionality made to be a standardize product compare to others.

 

[Deleted member 178]

I made a simple concept in my mind that if you can prevent it then why detect it.

+1.

analogy: "better stop the housebreaker from entering than call the police while he is in"

some will say "better catch him inside than never"

sure but my standard is "i dont allow intruders inside my home"

 

[TheMalwareMaster]

Since most of home users get infected by downloading from the Internet, Norton cloud and sonar should be fine. This cloud technology makes it really light on ram. But I still would expect them to have a better detection ratio.