SE Labs - Q1 2018 Report

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
825
ESET defeated Norton, F-Secure and Bitdefender despite having no proactive module whatsoever.
Funny thing is AVG was awarded AAA but Avast was awarded AA.. Very good testing -- Kudos :X3: :notworthy:
Take it with a pinch of salt and sugar:coffee:
Hope SE Labs received good cash incentives:ROFLMAO:
 

Deleted member 65228

Thanks for sharing.

They are testing the Internet Security version of Kaspersky, ESET, and a few other vendors... yet they are also testing the Free Anti-Virus version for other vendors (e.g. Avast, AVG, Avira).

We think that the dispute process should be free for all. SE Labs has not charged any vendor for its participation in this test and we provided a free dispute process to any vendor that requested it. In this way every vendor is treated as equally as possible, for the fairest possible test

If treating a vendor equally means using the free version of one vendor's product and the paid version of another vendor's product for public tests then that is an extremely interesting adaptation to the definition of the word "equally". I did a Google because my English is not so good but I cannot see any recent adaptations to wherever the "official" English dictionary is to re-define the literal meaning of the word.

They even mentioned Webroot at the start of the test.

ZoneAlarm, Windows Defender and Webroot Antivirus were notably weaker than the competition.
Well yes, well done Sherlock. They are competing with several Internet Security solutions, and so are a few other vendors' products...

I'm not entirely sure how that is supposed to work and quite frankly it does not make any sense to me but maybe there was a genuine reason for it which will one day be explained. Who knows.
 

L0ckJaw

Level 19
Thread author
Verified
Content Creator
Well-known
Feb 17, 2018
870
If you look in the Hub, Norton failed a couple of times, it failed me too ;)
And ESET has improved LiveGrid a lot! I am currently using it and till now it is superfast with signatures in the cloud.
The guys at ESET are improving the Cloud security, almost the same way as SONAR works.
 

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
Thanks for sharing.

They are testing the Internet Security version of Kaspersky, ESET, and a few other vendors... yet they are also testing the Free Anti-Virus version for other vendors (e.g. Avast, AVG, Avira).



If treating a vendor equally means using the free version of one vendor's product and the paid version of another vendor's product for public tests then that is an extremely interesting adaptation to the definition of the word "equally". I did a Google because my English is not so good but I cannot see any recent adaptations to wherever the "official" English dictionary is to re-define the literal meaning of the word.

They even mentioned Webroot at the start of the test.


Well yes, well done Sherlock. They are competing with several Internet Security solutions, and so are a few other vendors' products...

I'm not entirely sure how that is supposed to work and quite frankly it does not make any sense to me but maybe there was a genuine reason for it which will one day be explained. Who knows.
that makes no sense, testing IS vs Free
also how did ZoneAlarm score worse when it literally uses Kaspersky sigs...
 

Mahesh Sudula

Lol.. but Norton has multiple protection modules.. their aggressive SONAR is enough to end the game. (Home edition)
Even in that case ATC and DeepGuard alone are enough to compete with ESET signatures
Equalling KIS along with ESET :D(n)(n)
 

L0ckJaw

that makes no sense, testing IS vs Free
also how did ZoneAlarm score worse when it literally uses Kaspersky sigs...
The Spam/Phishing filter of ZoneAlarm is bad. They count that too in the test.
 

Mahesh Sudula

The Spam/Phishing filter of ZoneAlarm is bad. They count that too in the test.
ZoneAlarm is completely built around third-party components. I used ZA Extreme Security.
Spam filter - SonicWall
Parental control - Net Nanny
Phishing, malicious URL, AV engine - KASPERSKY and its cloud - TOP NOTCH
Threat emulation - JOKE.
This feature never works.
ZA FREE is even worse... except the firewall. And the results confirm it
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
ESET defeated Norton, F-Secure and Bitdefender despite having no proactive module whatsoever.
Funny thing is AVG was awarded AAA but Avast was awarded AA.. Very good testing -- Kudos :X3: :notworthy:
Take it with a pinch of salt and sugar:coffee:
Hope SE Labs received good cash incentives:ROFLMAO:
It does include a proactive module via its HIPS:
ESET's Host-based Intrusion Prevention System (HIPS) monitors system activity and uses a pre-defined set of rules to recognize suspicious system behavior. When this type of activity is identified, the HIPS self-defense mechanism stops the offending program or process from carrying out potentially harmful activity.
 

Deleted member 65228

HIPS is not a proactive module nor a behaviour blocker module.. NEVER
The definition of the word "proactive" is below.

serving to prepare for, intervene in, or control an expected occurrence or situation, especially a negative or difficult one; anticipatory:
proactive measures against crime.
Source: the definition of proactive

Therefore, a Host Intrusion Prevention System (HIPS) can be legally described as "proactive" (adjective) in English.
 

Arequire

HIPS is not a proactive module nor a behaviour blocker module.. NEVER
It is a lock down of the system. COMODO gives it for free (y) :notworthy:
It's a post-execution defence against malware that isn't caught by the signatures. That fits my definition of proactive.
It also works differently to Comodo's HIPS in its default configuration as all blocking activity is carried out by ESET without user intervention.
 

Mahesh Sudula

To my knowledge, to date the only AVs in the entire cyber security industry that don't have any dedicated BB are ESET and AVIRA.
See ESET RAP tests in Virus Bulletin. It is not even listed
Marketing and signatures are what is saving them both. They may survive but not for too long.
Though ESET is far far better than Avira. He is helpless without DATABASE.
Don't get fooled by AV vendors' whitepapers and descriptions, and look once at the MT Hub tests
Each and every ESET detection is purely SIGNATURE. Don't get fooled and don't fool others
Thank You
 

L0ckJaw

Eset Live Grid :

The simplest way to provide protection using a cloud system is by exact blacklisting using hashing. This works well for both files and URLs, but it is able to block only objects that match the hash exactly. This limitation has led to the invention of fuzzy hashing. Fuzzy hashing takes into consideration the binary similarity of objects, as similar objects have the same or a similar hash. ESET has moved fuzzy hashing to the next level. We do not perform hashing of data but hashing of the behavior described in DNA Detections. Using DNA hashing, we are able to block thousands of different variants of malware instantly.

Cloud Malware Protection System

The ESET Cloud Malware Protection System is one of several technologies based on ESET’s cloud-based system, ESET LiveGrid. Unknown, potentially malicious applications and other possible threats are monitored and submitted to the ESET cloud via the ESET LiveGrid Feedback System. The samples collected are subjected to automatic sandboxing and behavioral analysis, which results in the creation of automated detections if malicious characteristics are confirmed. ESET clients learn about these automated detections via the ESET LiveGrid Reputation System without the need to wait for the next detection engine update. The mechanism’s turnaround time is typically under 20 minutes, which allows for effective detection of emerging threats even before regular detections are delivered to users’ computers

ESET’s Host-based Intrusion Prevention System (HIPS) monitors system activity and uses a pre-defined set of rules to recognize suspicious system behavior. When this type of activity is identified, the HIPS self-defense mechanism stops the offending program or process from carrying out potentially harmful activity. Users can define a custom set of rules to be used instead of the default rule set; however, this requires advanced knowledge of applications and operating systems.

Exploit Blocker:

ESET technologies protect against various types of vulnerabilities on different levels: our scanning engine covers exploits that appear in malformed document files; Network Attack Protection targets the communication level; and finally, Exploit Blocker blocks the exploitation process itself. Exploit Blocker monitors typically exploitable applications (browsers, document readers, email clients, Flash, Java, and more) and instead of just aiming at particular CVE identifiers it focuses on exploitation techniques. Each exploit is an anomaly in the execution of the process and we look for anomalies that suggest the presence of exploitation techniques. As the technology is under constant development, new methods of detection are added regularly to cover new exploitation techniques. When triggered, the behavior of the process is analyzed and, if it is considered suspicious, the threat may be blocked immediately on the machine, with further attack related metadata being sent to our ESET LiveGrid cloud system. This information is further processed and correlated, which enables us to spot previously unknown threats and so called zero-day attacks, and provides our lab with valuable threat intelligence. Exploit Blocker adds another layer of protection, one step closer to attackers, by using a technology that is completely different from detection techniques that focus on analyzing malicious code itself.

For more info see: https://cdn1-prodint.esetstatic.com/ESET/US/docs/about/ESET-Technology-Whitepaper.pdf
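
The limitation of exact hash blacklisting described in the LiveGrid excerpt above, as an added example that is not part of the original post and not ESET's code. It uses byte n-gram Jaccard similarity as a simple stand-in for fuzzy hashing of file data (it does not model the behavior-based "DNA hashing" the excerpt mentions); all names and sample bytes are constructed for illustration.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    """Exact-match identifier: any single changed byte yields a new digest."""
    return hashlib.sha256(data).hexdigest()


def shingles(data: bytes, n: int = 4) -> set:
    """Set of overlapping n-byte windows, the unit of binary similarity."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}


def similarity(a: bytes, b: bytes, n: int = 4) -> float:
    """Jaccard similarity of the two shingle sets, from 0.0 to 1.0."""
    sa, sb = shingles(a, n), shingles(b, n)
    union = sa | sb
    return len(sa & sb) / len(union) if union else 0.0


class Blocklist:
    """Hypothetical lookup: exact hash first, then nearest known sample."""

    def __init__(self, known_bad, threshold: float = 0.8):
        self.samples = list(known_bad)
        self.exact = {sha256_hex(s) for s in self.samples}
        self.threshold = threshold  # assumed cut-off, tune against real data

    def verdict(self, data: bytes) -> str:
        if sha256_hex(data) in self.exact:
            return "exact"
        best = max((similarity(data, s) for s in self.samples), default=0.0)
        return "similar" if best >= self.threshold else "unknown"


# Constructed inputs: a placeholder "known" blob, the same blob with padding
# appended (a trivially repacked variant), and unrelated benign text.
KNOWN = b"CONSTRUCTED-SAMPLE:" + bytes(range(256))
VARIANT = KNOWN + b"\x00" * 16
BENIGN = b"constructed benign document text, unrelated to the sample"

if __name__ == "__main__":
    bl = Blocklist([KNOWN])
    for name, blob in [("known", KNOWN), ("variant", VARIANT), ("benign", BENIGN)]:
        print(name, bl.verdict(blob), round(similarity(KNOWN, blob), 3))
```

The padded variant has a different SHA-256 and slips past the exact list, but it still shares almost all of its byte windows with the known sample, so the similarity check flags it.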
 

L0ckJaw

To my knowledge, to date the only AVs in the entire cyber security industry that don't have any dedicated BB are ESET and AVIRA.
See ESET RAP tests in Virus Bulletin. It is not even listed
Marketing and signatures are what is saving them both. They may survive but not for too long.
Though ESET is far far better than Avira. He is helpless without DATABASE.
Don't get fooled by AV vendors' whitepapers and descriptions, and look once at the MT Hub tests
Each and every ESET detection is purely SIGNATURE. Don't get fooled and don't fool others
Thank You
Not true, please get your facts right.
 

Mahesh Sudula

Not true, please get your facts right.
"We don't perform behavior blocking"
Virus Bulletin :: Comparative Results
++ For ESET there are nil FPs because each and every signature is analysed and then updated.
In simple words.. if a latest 0-day threat is unseen in ESET LiveGrid.. the user is dead
This acts as a support and signature update for other users. Hope you guys understand it
One user sacrifices his life to protect others -- ESET Proactive (HIPS) and LiveGrid
Please guys, don't let AV vendors fool you and use you as their product
WE ARE PAYING THEM
Thank you
 