AVLab.pl November 2021 - The Advanced In The Wild Malware Test

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Adrian Ścibor

Adrian Ścibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
153
Dear Readers!

As you know in November we start with next edition of Advanced In The Wild Malware Test. This time we have used more than 1700 malware samples from CERT Poland database as Malware Bazar as well (except our honeypots). The results of protection are different as always. You have to know that we reported a noticed problems to the vendors and their protection should be updated. In the meantime, we can already start summarizing the tests from all of 2021.

Full report: Results of protection against threats from the list of CERT Poland - AVLab Cybersecurity Foundation

Details: The November 2021 Results - Advanced In The Wild Malware Test

Updated Methodology (Yara rules added): Methods of carrying out automatic tests - AVLab
 
  • Like
  • +Reputation
Reactions: ItsReallyMe, roger_m, Nevi and 9 others
J

JasonUK

Level 5
Apr 14, 2020
226
So F-Secure killed an impressive 99% at the first hurdle which, if I'm reading the testing notes correctly, means it has strong signature protection but those which blocked mainly at Level 3 showed potentially stronger protection against possible 0-day threats. I wonder how well F-Secure's Level 3 protection would have dealt with the samples if Level 1 protection had been disabled? If it was just as effectively that would be a very strong result and a standout winner.
 
  • Like
Reactions: roger_m, Nevi, Venustus and 4 others
Adrian Ścibor

Adrian Ścibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
153
JasonUK said:
So F-Secure killed an impressive 99% at the first hurdle which, if I'm reading the testing notes correctly, means it has strong signature protection but those which blocked mainly at Level 3 showed potentially stronger protection against possible 0-day threats. I wonder how well F-Secure's Level 3 protection would have dealt with the samples if Level 1 protection had been disabled? If it was just as effectively that would be a very strong result and a standout winner.
Click to expand...
In theory, signature protection can block up to 95% of malware on the Internet, which is why it is still used by many vendors. It's difficult to say how the product would fare if you turned off the browser protection -> probably the Level 1 will be switched to Level 2. Such a test is feasible and without significant changes to the backend in our test system.
 
  • Like
Reactions: roger_m, Nevi, Venustus and 3 others
ErzCrz

ErzCrz

Level 16
Verified
Top Poster
Well-known
Aug 19, 2019
773
Interesting seeing Comodo detection only 9% at Level 1 and then 91% at level 3. Shows that mainly reliant on containment these days but it did still block everything. Compared to 40% and 60% in July. Avast has a similar separation of 25% and 75%. It would be good to see MD back in these tests but good to see another report come out :D
 
  • Like
Reactions: roger_m, Nevi, Venustus and 3 others

Similar threads

Adrian Ścibor
    • Like
    • +Reputation
    • Applause
Evaluation of protection solutions based on telemetry data of malware in-the-wild (May 2023)
Replies
6
Views
854
Security Statistics and Reports
Trident
Trident
Adrian Ścibor
    • Like
    • +Reputation
    • Thanks
AVLab.pl Security test on the example of 400 malicious samples in the wild (November 2022)
Replies
21
Views
1,624
Security Statistics and Reports
Andrezj
Andrezj
Adrian Ścibor
    • Like
    • +Reputation
    • Thanks
AVLab.pl Product of the year 2022: a summary of security tests by AVLab
Replies
8
Views
1,251
Security Statistics and Reports
Adrian Ścibor
Adrian Ścibor

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top