Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Sophos Home Premium beta - Review and test
Message
<blockquote data-quote="Parsh" data-source="post: 626071" data-attributes="member: 58090"><p>While the performance still seems subpar compared to others for sure, they've made significant improvements with some decisions that has upped their position for sure.</p><p></p><p>Many AVs having powerful signatures and heuristics detect Trojans and other threats (speaking of Trojans because most of those undetected by Sophos were Trojans) are detected by matching earlier ie. static ways.</p><p>Sophos has been having weak signatures and so it leaves a good no. of malware after static scan.</p><p></p><p>1. However, it is possible than not all Trojans (and others) carry out malicious actions soon after launch (and these were probabky already detected by static scans by other AVs irrespective of when would they have carried out malicious actions) and hence Sophos didn't act immediately.</p><p>I know it doesn't apply to many malware and this might not be true in most cases, but this is possible.</p><p></p><p>2. Based on point 1, I think Sophos doesn't act immediately if strong evidence or action is not observed by its behavior monitor. Some PUAs and probably harmless scripts on MH (yeah, that happens since not all are always malicious) are skipped entirely leading to smaller count of detections.</p><p>Many AVs detect files based on small suspicious behaviors while Sophos might not always.</p><p></p><p>Just my observations and thoughts on what can be some reasons behind smaller detection ratios. Small or big, infections are not tolerable and Sophos still has to improve, and it will, with their long Beta and improvement plans.</p></blockquote><p></p>
[QUOTE="Parsh, post: 626071, member: 58090"] While the performance still seems subpar compared to others for sure, they've made significant improvements with some decisions that has upped their position for sure. Many AVs having powerful signatures and heuristics detect Trojans and other threats (speaking of Trojans because most of those undetected by Sophos were Trojans) are detected by matching earlier ie. static ways. Sophos has been having weak signatures and so it leaves a good no. of malware after static scan. 1. However, it is possible than not all Trojans (and others) carry out malicious actions soon after launch (and these were probabky already detected by static scans by other AVs irrespective of when would they have carried out malicious actions) and hence Sophos didn't act immediately. I know it doesn't apply to many malware and this might not be true in most cases, but this is possible. 2. Based on point 1, I think Sophos doesn't act immediately if strong evidence or action is not observed by its behavior monitor. Some PUAs and probably harmless scripts on MH (yeah, that happens since not all are always malicious) are skipped entirely leading to smaller count of detections. Many AVs detect files based on small suspicious behaviors while Sophos might not always. Just my observations and thoughts on what can be some reasons behind smaller detection ratios. Small or big, infections are not tolerable and Sophos still has to improve, and it will, with their long Beta and improvement plans. [/QUOTE]
Insert quotes…
Verification
Post reply
Top