SE Labs - Home Anti-Malware Protection (2021 Q2)

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

CyberPanther

Level 7
Thread author
Verified
Well-known
Oct 1, 2019
303

Anti-virus needs your attention​

How to get out more than you put in​

Our reports help you choose the best home anti-malware solution. Picking a suitable solution isn’t just a matter of scanning through testing awards. You need to look closely at what you need, what you already have and what is available.

Choose the best home anti-malware solution​

If you were going to buy a new security fence, burglar alarm or CCTV system you would research the various options and consider how to deploy it in your very specific situation. The same should follow for endpoint protection systems. What do you really need? Are the candidates basically capable? And can you get the best out of them in your environment.

For home users, a big question is: are you interested? Technically-minded folk may want powerful features that are irrelevant to people who just want to install something and forget about it. Or security experts might lock down their computers in clever ways and decide that basic anti-virus is good enough. When it comes to choosing personal security products, anti-virus needs your attention.

We hope this report helps you answer some of these important questions.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

Read this SE Labs assessment of world-leading endpoint security products and discover how they handle well-known threats and targeted attacks.

Source: Anti-virus needs your attention - SE Labs - Reports

SE Labs Report: https://selabs.uk/wp-content/uploads/2021/07/apr-jun-2021-home.pdf
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
This picture out of the report illustrating an example of a MITRE staged attack chain, shows why simply blocking scripting sponsors (while allowing admins to override) helps to reduce the attack surface. Combine this with a deny execute in the download folder and preventing mail clients to execute code directly and malware intrusion has become a lot harder.

1627971463880.png

@Andy Ful above picture shows why Simple Windows Hardening needs the block sponsors and emil clients hardening option (from H_C) also :)
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,542
...
@Andy Ful above picture shows why Simple Windows Hardening needs the block sponsors and emil clients hardening option (from H_C) also :)
The attack you refer to will be blocked by SWH (except EXE and MSI files). The attacks via EXE or MSI files will be prevented by SmartScreen. Email clients hardening is already included in SWH.(y)
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,542
I can't convince you to add sponsor blocking to SWH, so I won't bug you with it anymore :)
I know well the strong and weak points of SWH. There are some rare scenarios when adding <Block Sponsors> to SWH would be helpful, but they are not worthy to complicate SWH (so far). If these scenarios will be not so rare in the wild, then I will consider also Sponsors.
If one does not believe me, then the H_C has plenty of possibilities to adjust the protection (just like you did). :)(y)

Anyway, the results of SE Labs tests can suggest that a good AV and good web browser are probably enough for many users.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top