Shadowra's Big Comparative : Episode 2 - Paid Antivirus
<blockquote data-quote="Vitali Ortzi" data-source="post: 1113742" data-attributes="member: 57714">
<p>"Web: ZoneAlarm's Web protection is very poor. It's called Anti-Bot and only reacted twice.</p>
<p>But it intercepted all downloads! (9/9)</p>
<p>On the other hand, it analyzes by emulating the file, which is relatively time-consuming..."</p>
<p>There are a few layers to its web protection:</p>
<p>URL filtering (categorization like most vendors, although personally I found it not very good at categorization)</p>
<p>Zero phishing (real-time AI-based detection based on a few methods; one is clustering with ssdeep signatures, similarities and a few other methods to give a confidence level)</p>
<p>Threat emulation, extraction (basically a CDR + emulation)</p>
<p>Anti-Bot is another network layer but isn't included in the extension itself</p>
<p>So technically, on a protection basis, just like everything got detected locally, if you disabled the AV components the emulation should have detected it instead, so it's definitely not bad at detecting payloads and is perfect at cleaning documents, although I agree it takes too much time to emulate, so it's not convenient (technically it can be tuned to work in the background rather than holding downloads till emulation),</p>
<p>and about other web-based threats (phishing), the zero phishing tech is very good at detection of certain phishing pages, like ones that look like Microsoft, Facebook etc. that it's trained on</p>
<p>(I recommend using the Symantec extension as well, as it has the better categorization and is a perfect match)</p>
<p>Btw, I have a question: was the ZoneAlarm system infected?</p>
<p>There was "script remains active."</p>
<p>But was that script able to do malicious harm and/or connect to the command and control server?</p>
<p>But yeah, they definitely need to work on script detection, although it was one of the better ones in cruelsister tests (she noted that it is better than Malwarebytes but worse than Symantec at worm detection)</p>
<p>Oh, and ransomware protection needs to improve, as although it's better than some vendors it's not good enough, as shown in cruelsister tests, and another thing I find important is that they reduce the resource usage (they are currently working on it)</p>
<p>Anyway, it's still, in my opinion, with a few drawbacks, one of the best set-and-forget AV vendors</p>
<p>Basically, I like to recommend ESET for a 4 gigabyte plus RAM machine and ZoneAlarm for 8 plus (ZoneAlarm is cheaper and in my opinion is better in a variety of threats over ESET, as it has better ransomware protection/zero phishing, better emulation than LiveGuard)</p>
<p>Both ESET and ZoneAlarm are improving a lot lately, and in APT and offline detection ESET got better results in AV-Comparatives tests than Kaspersky</p>
<p><a href="https://www.av-comparatives.org/tests/advanced-threat-protection-test-2024-consumer/" target="_blank">https://www.av-comparatives.org/tests/advanced-threat-protection-test-2024-consumer/</a> (more APT attacks blocked)</p>
<p><a href="https://www.av-comparatives.org/tests/malware-protection-test-march-2024/" target="_blank">Malware Protection Test March 2024</a> (better offline detection)</p>
</blockquote>