App Review Shadowra's Big Comparative - Episode 3 Enterprise Antivirus

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

carl fish

It's the same signatures but advanced has certain technologies that aren't yet launched in the consumer products like ransomware remediation (rollback)

I'm using the ESET Protect Advanced and it has ransomware remediation enabled by default, but except ransomware protection there shouldn't be a difference in the default config of the endpoint product over consumer products, and that feature should be available to consumers at some point as well

Btw about ransomware protection on ESET, AV software that uses hardware features would unfortunately have worse results under a VM where it can't access the hardware features
Will the home products get ransomware remediation in an upcoming update? Is that the only difference between the home and enterprise products?
 

Behold Eck

Kill the @Bot ! :LOL::LOL::LOL:

So much buzz about enterprise solutions, and yet ... :rolleyes:🥱 Can't see why ordinary users would bother.

Excellent work @Shadowra!!! 👍👍
Killing Bot would be so wrong...don't.

Yeah like what's all the fuss about business grade models, could it be prestige or something?

Cheers Shadowra for the effort and time involved(y)

Regards Eck:)
 

mlnevese

Will the home products get ransomware remediation in an upcoming update? Is that the only difference between the home and enterprise products?
They said in their forums that it will be coming to consumer products sometime this year. My bet is when version 19 is released.

Anyway, this test proves it's not worth it for a home user to spend extra cash for an enterprise solution.
 

bazang

Then we'll get to the point where using Defender is enough and not having to pay for a 3rd party antivirus software.
Microsoft Defender is adequate if - and only if:

1. The user is not reckless or security ignorant; and
2. The user is not a young child; and
3. The primary objective is prevention.

Microsoft Defender is not adequate for a breached or post-exploitation environment. That means if it does not stop the attack in the early stages, then there is a very high probability that it will not protect the system and its data.

None of them are adequate for a breached or post-exploitation environment. Windows security (on fully managed Windows devices) does have the native ability to safeguard data in such environments but that is advanced user stuff and really is not relevant in this discussion.
 

bazang

The results for WithSecure didn't really surprise me. It's kind of going hand in hand with the Personal app, and some of the changes they're making with it, not for the better.
Thank you, Shadowra, excellent work :)
The WithSecure version tested does not include the changes that are being made in the consumer version. Eventually it will, but not now.

F-Secure will use its consumer userbase as the guinea pigs for 19.9 with all the changes (move to Avira components and whatever else they are not revealing). Then, after X amount of time, WithSecure will slowly roll them out.

F-Secure and WithSecure on paper and physically are two different companies, but they both use the same code base. In short, they are essentially the same product. What happens on the F side usually happens on the W side, and vice versa.

F-Secure and WithSecure were never top A-List antivirus. Never have been historically and never will be going forward. They did offer very important advantages to users that wanted these benefits:

1. Light on system resources; and
2. Fast detection; and
3. Competitive detection (competitive with their peers).

But as far as a breached or post-exploitation environment. Nah. When that happens, the information systems are not served very well by any antivirus product. For such environments you need defense-in-depth - and that itself has to be skillfully configured and maintained.

Ever wonder why there are no antivirus labs that test antivirus performance in breached and post-exploitation environments?

I do not wonder. I know why. Nobody except Eugene Kaspersky would be willing to participate in such tests. But after the first set of tests even Eugene would withdraw because such testing would expose the inconvenient and ugly truths about antivirus.
 

SeriousHoax

Thanks for the video and kudos to your patience on testing all the products 👏
ESET:cool:, I think ESET will win the final. The only issue is that ESET home product detections are not as great as their business enterprise, like ESET Protect Advanced. Recently, AV-TEST conducted ransomware tests, and ESET Security Ultimate was unable to detect it, but ESET Protect Advanced detected it. Can anyone explain how it is possible that ESET signatures are the same or different for home and business/enterprise users?
At the moment excluding the ransomware remediation feature that @Vitali Ortzi talked about, everything is exactly the same in the home and enterprise version.
But for home product tests, all products including ESET are tested on default settings while for the Enterprise tests, vendors are allowed to set their own configuration. In Enterprise tests, ESET set all detection engine sensitivity to Aggressive which could've been the reason for the different result. I would recommend you to do that also. PUA protection is the only thing that you may keep at balanced, but I even set that to aggressive when I use ESET.

BTW, high tier/EDR/MDR version of most Enterprise products further improves their protection.
 

bazang

And what would you say those 'ugly truths' are?
They are not very effective beyond the various types of detection by signature or patterns. They can be made more effective but that is dependent upon the knowledge and skill of the individual(s) deploying, configuring, and using (the end user) the security software.

Wow. People (users) actually expected to know something and handle security issues properly. Now that is too much to expect from people.

None of the antivirus would survive the tests. The data produced from such tests would easily convince anybody that free or paid - consumer or enterprise - antivirus and "suites" are not effective on a compromised system or network. If they were effective then you would not read about the latest breach in the daily cybersecurity news.

Only tightly-locked down, rigorously managed systems provide reliable robust security and the greatest probability of breaking the kill chain. Antivirus is only one tiny part of that kind of security.

Security is not software. It is a process.
 

cartaphilus

Looks like AVs are not the only ones having issues running scripts.

Screenshot_20250124-132004.png
 

bazang

Looks like AVs are not the only ones having issues running scripts.
Microsoft is to blame. The capability to run scripts should not be possible in any way for the Windows OS straight out of the box.

Windows is like giving a 12-year-old child a loaded pellet gun and telling that child "Here, now go play."

Billions of grown adults cannot handle Windows. What makes Microsoft think those adults can keep it secure?

Oh, wait a minute. Microsoft knows those adults cannot keep Windows secure but they are "users that want to use stuff and buy games, media through the Microsoft Store" and, hence, not Microsoft's problem.

Microsoft's official position is that it is not responsible for users' security. (Read their EULAs. If you do then you will be one of the three people in the world that have. I am one of them. So who is that third person?)

When Microsoft forces increased or inconvenient security onto the "users that want to use stuff freely without inconvenience" then those users scream, kick, and cry like a tantrum.
 

annaegorov

Microsoft is to blame. The capability to run scripts should not be possible in any way for the Windows OS straight out of the box.

Windows is like giving a 12-year-old child a loaded pellet gun and telling that child "Here, now go play."

Billions of grown adults cannot handle Windows. What makes Microsoft think those adults can keep it secure?

Oh, wait a minute. Microsoft knows those adults cannot keep Windows secure but they are "users that want to use stuff and buy games, media through the Microsoft Store" and, hence, not Microsoft's problem.

Microsoft's official position is that it is not responsible for users' security. (Read their EULAs. If you do then you will be one of the three people in the world that have. I am one of them. So who is that third person?)

When Microsoft forces increased or inconvenient security onto the "users that want to use stuff freely without inconvenience" then those users scream, kick, and cry like a tantrum.
The above, as stated, would seem to me to be the perfect opportunity for a vendor like ESET, or another 3rd party, to capitalize on Microsoft's lazy attitude and make a product that "SOMEHOW" overcomes the above stated issues.
 

bazang

Valid comments for sure, but I think you missed the context and humour in cartaphilus's post. :}
I thought it was funny, just the image is too big to re-post. (Tip: There's a lot of this type of meme on Reddit programmers subreddit)

During the Target credit card theft from the third party card processor's backend, a woman was documented as being very upset about it.

She said something to the effect of "How could this happen to me? I have antivirus installed on all my PCs." to a Target manager.

After that she left and searched for a Python to bring home.

I guess she figured 'I might as well find something that will make me feel good while I am miserable'...;) 😁
 
