- Sep 21, 2021
- 47
[SE Labs] Endpoint Security: Home, Small Business, and Enterprise (Q1 2022)
- Thread starter ExecutiveOrder
- Start date
- Apr 17, 2021
- 448
Why is there a difference between Avast and AVG in terms of Total Accuracy Rating?
- Aug 16, 2021
- 230
im pretty sure Sophos must of payed for that result, I was trialling sophos home for a month, and in testing 5 or 6 times in a vm, it missed so much, and in each test ended up in the VHDX being destroyed/wiped, out of any recent security software ive tested, sophos was the only one that missed it consistently (test ran over 2 weeks to be sure signatures updated etc) also liaised with their support (who were dreadull)
Sophos Home premium V's 1000 recent Malware Samples
Well this is a short and sweet one, I first tested this on the 30th march... windows 10 vm, sophos home premium trial .... 1000 samples ran...... as you see in the test theres quite a bit getting missed and allowed to run, then process explorer gets killed, ... then command gets killed.... so I...
malwaretips.com
- Jul 15, 2016
- 321
Sophos 100%? Try to download a malware and see how infected you are. Sophos is terrible.
- Sep 21, 2021
- 47
Because it shows a single notification of "click to block (default block)", that's it.
It causes 4 fewer points in "Legitimate Software Ratings".
Not sure if during the testing period, AVG rolled out an update for the app to configure its certain behavior (not the signature) at the exact same time as Avast. This slight difference or inconsistency is not uncommon even in other testing labs. Both scored 100% protection (399 out of 400 points due to how SE Labs scores the result, refer to 3rd part: "Protection Rating").
im pretty sure Sophos must of payed for that result, I was trialling sophos home for a month, and in testing 5 or 6 times in a vm, it missed so much, and in each test ended up in the VHDX being destroyed/wiped, out of any recent security software ive tested, sophos was the only one that missed it consistently (test ran over 2 weeks to be sure signatures updated etc) also liaised with their support (who were dreadull)
Sophos Home premium V's 1000 recent Malware Samples
Well this is a short and sweet one, I first tested this on the 30th march... windows 10 vm, sophos home premium trial .... 1000 samples ran...... as you see in the test theres quite a bit getting missed and allowed to run, then process explorer gets killed, ... then command gets killed.... so I...
Different times, different samples and methodology, different tester, and of course different results.
"The test was conducted between 17th January and 14th March 2022" and "only" employs verified 75 "general attack" and 25 "targeted attack" scenarios.
This so-called 100% protection is limited to the test conducted by the SE Labs, reviewing their methodology (AMTSO compliant) will enlighten the concern a little bit.
Sophos' results in the last 2 quarters are not that impressive, Q3 2021 95% (ranked last), Q4 2021 97% (8th out of 12).
By looking at multiple independent testing labs, readers can get a deeper insight into a certain product, SE Labs is just one of 'em.
- Dec 23, 2014
- 8,130
Unfortunately, one cannot prove anything by doing this, even after downloading a thousand samples.
The results are pretty much random. This is similar to guessing what is displayed on the screen which can display only 0.01% pixels (99.99% faulty pixels). You could probably recognize the picture of a woman on the screen. You could also guess if she is pretty, but your guess would be in fact only an illusion.
That is why in the SE Labs test all tested AVs except Webroot were awarded AAA. SE Labs knows that this particular test cannot show more than that.
The results in the tables included in OP have nothing to do with protection/detection in the wild. They can be used to show something interesting only with similar results from many other tests. The average result (calculated correctly) can sometimes show something related to the protection/detection in the wild.
Last edited:
- Aug 16, 2021
- 230
except sophos in this case isnt a "random" "0.01% chance" .... it consistently failed over a 1 month trial with 1 sample that was submitted to them & and I attempted to deal with support.Unfortunately, one cannot prove anything by doing this, even after downloading a thousand samples.
The results are pretty much random. This is similar to guessing what is displayed on the screen which can display only 0.01% pixels (99.99% faulty pixels). You could probably recognize the picture of a woman on the screen. You could also guess if she is pretty, but your guess would be in fact only an illusion.
That is why in the SE Labs test all tested AVs except Webroot were awarded AAA. SE Labs knows that this particular test cannot show more than that.
The results in the tables included in OP have nothing to do with protection/detection in the wild. They can be used to show something interesting only with similar results from many other tests. The average result (calculated correctly) can sometimes show something related to the protection/detection in the wild.
I would imagine if my trial was still active it would fail that same test.
If i ran an AV company and a drive wiper malware hit it & a customer submitted it.... would be pretty important............ would be fixed or a signature done quickly
Sophos are just not on the same planet. (this malware was detected by every other provider tested... most of the common players)
No disrespect but its really .1 bad support & 2. terrible protection.
I had so much hope for sophos, I wanted a UK based AV provider.... I wanted them to win, I wanted them to be reliable........... They came out bottom of the pile (by a long way)
**im serious about wanting a UK based AV provider, no one even close and here i am with defender and voodooshield (both US based)
Last edited:
- Dec 23, 2014
- 8,130
We talk about different things.
In my post, I did write that a relatively poor result in one test does not necessarily indicate that the protection in the wild during the time period of testing, must be poor. But, It does not mean that it cannot be poor. Simply, the results of a single test (missed samples) are usually a kind of illusion. By an accident, the illusion can be close to the truth.
The example with faulty pixels can give some insight into this issue. When you see a bunch of pixels that can resemble a woman without a nose, then you get it as not pretty. The woman in the wild can still have a nose and be pretty, or she can have a very little nose and look unattractive.
If you take as an example the tests from AVLab, then I am not sure if 20 000 samples in one test could be sufficient to see if one AV is "prettier" than another one. The AVLab tests are far more comprehensive than any test made by one person, and when we gather the results from the years 2019-2021 (over 17000 samples), we still cannot be sure if Defender is better than F-Secure (we know from other tests that probably not):
https://malwaretips.com/threads/web...-2-vs-1000-sample-exe-test.113168/post-983155
Last edited:
Similar threads
