Advice Request Sophos Home Premium?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
Barakah

Barakah

Level 3
Verified
Apr 13, 2018
120
mekelek said:
read the last line again, i ran more tests but didn't publish it on the hub, since they were embarassing
Click to expand...

Embarrassing? To what extent? Is there a certain point where Sophos fails again and again? I see a badge indicating a “Av-Tester” so I believe you can give a full report of Sophos capabilities and weaknesses as you thoroughly made a few tests.
 
  • Like
Reactions: upnorth, ForgottenSeer 58943 and ZeroDay
mekelek

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
Barakah said:
Embarrassing? To what extent? Is there a certain point where Sophos fails again and again? I see a badge indicating a “Av-Tester” so I believe you can give a full report of Sophos capabilities and weaknesses as you thoroughly made a few tests.
Click to expand...
everything that had no signature was left alone, scriptors especially, the VMs were constantly infected if the samples were fresh.
basically only seen signature based detections in like 5 packs in a row, at which point i just gave up and installed a different AV in my VM.
 
  • Like
Reactions: ZeroDay, upnorth, Evjl's Rain and 1 other person
Barakah

Barakah

Level 3
Verified
Apr 13, 2018
120
mekelek said:
everything that had no signature was left alone, scriptors especially, the VMs were constantly infected if the samples were fresh.
basically only seen signature based detections in like 5 packs in a row, at which point i just gave up and installed a different AV in my VM.
Click to expand...

Sounds a very bad experience you had. I hope more members test it in the hub. Thanks for sharing your experience.
 
  • Like
Reactions: upnorth and ZeroDay
Islam Gamal

Islam Gamal

Level 4
Verified
Well-known
Jan 25, 2018
155
i used Bitdefender TS 2018 for 3 months. it was a bad experience. Bitdefender is full with bugs. when i open the main GUI, it takes 10 seconds or higher to open. when it makes an update, it takes so much from cpu and the update takes forever. the full system scan takes 4 hours :cautious::cautious:. it takes so much from my system resources. the support is very very very bad and they don't respond to the customers. the forum is full with customer complaints and they do nothing at all. i don't know how this product wins in every performance test at AV-Test and AV-comparative. i started using G-data internet security and i am very happy with it. it is really very good , stable and so light in my system.
 
  • Like
Reactions: L0ckJaw, ZeroDay, amico81 and 2 others
E

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Barakah said:
Sounds a very bad experience you had. I hope more members test it in the hub. Thanks for sharing your experience.
Click to expand...
Review - Sophos Home Premium Released

despite being old but there isn't much improvement

I also tested HMPA standalone myself. It was weak and overated
subpar ransomware protection, hit-and-miss exploit protection (failed against eternalblue exploit - wannacy)
 
  • Like
Reactions: Sunshine-boy, ZeroDay, upnorth and 2 others
mekelek

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
zzz00m said:
Or just run HitmanPro.Alert with your favorite AV. That is why Sophos bought them and based Intercept X on their technology. But you don't have to buy Sophos. Just saying...
Click to expand...
HMPA has serious compatibility issues even today, especially that most AVs have some sort of anti-exploit protection which may or may not be able to turn it off
 
  • Like
Reactions: ZeroDay
F

ForgottenSeer 58943

I'm 100% not a fan of 'pack' testing, which is why I pay zero attention to the hub. No offense to the testers over there. I think we need to be careful drawing conclusions on things with people extracting packs and scanning or executing them.

In our lab, we place test machines on a DMZ with no other protection other than the test subject security product then over an extended period of time evaluate the protection from what the level from average user up to reckless user. This way, all modules and technologies involved with a product are accurately evaluated. I realize that amateur testers don't always have the resources, time or personnel to do these things.

I'm not interested in arguing the merits of the hub. It exists, and people play around in it. I pay zero attention to it or any results from it because to me it could be misleading. For example someone was bagging on Heimdal here without understand the purpose of it. After I explained in great detail how it works, they tested it under the conditions of which it is designed and found it blocked 60-65% of the threats at the outset. Which is exactly where the other labs testing it sit, and where Heimdal itself claims their effectiveness is at.

When I hear 'FortiClient sucks at the hub!', or 'Sophos sucks at the hub!', or 'Panda sucks at the hub!', which in some cases run 100% counter to real-world test results, lab test results, etc. Panda sucks at the hub? Glad to hear it. But the full version with application control and datashield on, has protected a DMZ'd recklessly used machine for 60 days now. Which is actually in line with recent tests at AVC which confirm 100% real world protection.

I think caution is warranted so the hub doesn't control discourse on this forum regarding products or performance. I die a little inside each time the hub is brought up.
 
  • Like
Reactions: Cavehomme, kev216, oldschool and 4 others
Barakah

Barakah

Level 3
Verified
Apr 13, 2018
120
@
ForgottenSeer 58943 said:
I'm 100% not a fan of 'pack' testing, which is why I pay zero attention to the hub. No offense to the testers over there. I think we need to be careful drawing conclusions on things with people extracting packs and scanning or executing them.

In our lab, we place test machines on a DMZ with no other protection other than the test subject security product then over an extended period of time evaluate the protection from what the level from average user up to reckless user. This way, all modules and technologies involved with a product are accurately evaluated. I realize that amateur testers don't always have the resources, time or personnel to do these things.

I'm not interested in arguing the merits of the hub. It exists, and people play around in it. I pay zero attention to it or any results from it because to me it could be misleading. For example someone was bagging on Heimdal here without understand the purpose of it. After I explained in great detail how it works, they tested it under the conditions of which it is designed and found it blocked 60-65% of the threats at the outset. Which is exactly where the other labs testing it sit, and where Heimdal itself claims their effectiveness is at.

When I hear 'FortiClient sucks at the hub!', or 'Sophos sucks at the hub!', or 'Panda sucks at the hub!', which in some cases run 100% counter to real-world test results, lab test results, etc. Panda sucks at the hub? Glad to hear it. But the full version with application control and datashield on, has protected a DMZ'd recklessly used machine for 60 days now. Which is actually in line with recent tests at AVC which confirm 100% real world protection.

I think caution is warranted so the hub doesn't control discourse on this forum regarding products or performance. I die a little inside each time the hub is brought up.
Click to expand...
@ForgottenSeer 58943 You’re from another planet. I do like your posts and your way of thinking.
 
  • Like
Reactions: Sunshine-boy, oldschool, ForgottenSeer 58943 and 1 other person
mekelek

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
ForgottenSeer 58943 said:
I'm 100% not a fan of 'pack' testing, which is why I pay zero attention to the hub. No offense to the testers over there. I think we need to be careful drawing conclusions on things with people extracting packs and scanning or executing them.

In our lab, we place test machines on a DMZ with no other protection other than the test subject security product then over an extended period of time evaluate the protection from what the level from average user up to reckless user. This way, all modules and technologies involved with a product are accurately evaluated. I realize that amateur testers don't always have the resources, time or personnel to do these things.

I'm not interested in arguing the merits of the hub. It exists, and people play around in it. I pay zero attention to it or any results from it because to me it could be misleading. For example someone was bagging on Heimdal here without understand the purpose of it. After I explained in great detail how it works, they tested it under the conditions of which it is designed and found it blocked 60-65% of the threats at the outset. Which is exactly where the other labs testing it sit, and where Heimdal itself claims their effectiveness is at.

When I hear 'FortiClient sucks at the hub!', or 'Sophos sucks at the hub!', or 'Panda sucks at the hub!', which in some cases run 100% counter to real-world test results, lab test results, etc. Panda sucks at the hub? Glad to hear it. But the full version with application control and datashield on, has protected a DMZ'd recklessly used machine for 60 days now. Which is actually in line with recent tests at AVC which confirm 100% real world protection.

I think caution is warranted so the hub doesn't control discourse on this forum regarding products or performance. I die a little inside each time the hub is brought up.
Click to expand...
malware hub testing is like pure torque and horse power testing, and your way of testing is like bringing a car out on the race track and putting a random skilled driver then checking the time lap or if he crashed the car into the wall.

you want to put "noise" into our testing, when all it matters is the sheer performance of a security suite.

you want us to start deciding if we should execute something just cause it looks funny? why are you trying to make it easy for the AV suites?
sure, i put any AV on my Dad's computer who only plays poker on facebook and has only work related emails, and the computer will be malware free for an eternity and forward.
in fact on a never updated Windows XP machine with expired ESET is squeaky clean.
 
  • Like
Reactions: Nightwalker and oldschool
ZeroDay

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
ForgottenSeer 58943 said:
'm 100% not a fan of 'pack' testing, which is why I pay zero attention to the hub. No offense to the testers over there. I think we need to be careful drawing conclusions on things with people extracting packs and scanning or executing them.
Click to expand...

ForgottenSeer 58943 said:
I'm not interested in arguing the merits of the hub. It exists, and people play around in it. I pay zero attention to it or any results from it because to me it could be misleading.
Click to expand...

ForgottenSeer 58943 said:
It feels very light on the system as well. This one so far, appears to be a really strong contender.. Someone want to get in the hub for a go for all of us?
Click to expand...


Q&A - Sophos Home Premium?

So, which is it, to Hub or not to Hub? lol
 
  • Like
Reactions: upnorth, mekelek and oldschool
B

BigZ

Level 1
Apr 15, 2018
5
I just recently switched from Bitdefender Total Security 2018 to Sophos Home Premium. Nothing wrong with Bitdefender as I have used them for years and sometimes even along with Malwarebytes Premium.

Reason for changing was that I wanted to originally try HitmanPro.Alert and when I found out it was incorporated with the new Sophos Home Premium I made the jump. So far so good, no issues with the default settings.
 
  • Like
Reactions: Cavehomme, Sunshine-boy, amico81 and 2 others
L0ckJaw

L0ckJaw

Level 19
Verified
Content Creator
Well-known
Feb 17, 2018
870
That was Sophos for me. Another AV that breaks my VPN. Back to G-Data and OSarmour.
 
  • Like
Reactions: amico81
F

ForgottenSeer 58943

ZeroDay said:
Q&A - Sophos Home Premium?

So, which is it, to Hub or not to Hub? lol
Click to expand...

Not.

That was before I tested the integration of SHP components and how they arrive at a full protection suite and how a simple pack test wouldn't really show anything other than the strengths or weaknesses of the basic sophos signature set based on Sophos and VirusBuster.

Those basic signatures on Sophos according to my friend at Sophos, they know are generally 'average', which is what warranted their acquisition of Surfright(HMP/HMPA), Mojave Networks (Cloud Technology, Web Heuristics), and Invincea, which will be integrated into SHP over the next 6-12 months as their predictive AI and machine learning modules. But before that happens they needed to sunset Invincea customers (which happened last week).
 
  • Like
Reactions: Cavehomme, ZeroDay, BigZ and 5 others
L0ckJaw

L0ckJaw

Level 19
Verified
Content Creator
Well-known
Feb 17, 2018
870
First thing G-Data adviced me when installing is to Uninstall HMP.
@mekelek like you said in another post ;)
 
  • Like
Reactions: mekelek
F

ForgottenSeer 58943

mekelek said:
soo as of now sophos is still mediocre
so we were right
case can be closed, thank you
Click to expand...

According to who? Amateurs playing with packs that don't even illustrate the combined protection components under real world conditions? Spare me your diatribes. I'd still feel bad if anyone made any actual security choices based on the hub...

How about we ignore the elephant in the room with Kaspersky and just say it spies on you, Russia is the wild west, and Adobe Analytics is getting your data on insecure channels and just say 'It sucks because it leaks data and spies!'. I pulled my SIEM and Caps off Kaspersky before embarrassing it too badly and wasting anymore of my time.

It gets really old around here, the same guys going into every thread, promoting their same savior. Derailing them endlessly so conversations on other products are completely supplicated with trash talk and affirmations of the chosen one.. Where's the moderation against these trolls? Keep it up and I'm gone, I want good, common sense discussion and testing on a variety of solutions, technologies and products, not this rubbish everyday from the same couple of guys.
 
  • Like
Reactions: Cavehomme, ZeroDay and BigZ
mekelek

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
ForgottenSeer 58943 said:
According to who? Amateurs playing with packs that don't even illustrate the combined protection components under real world conditions? Spare me your diatribes. I'd still feel bad if anyone made any actual security choices based on the hub...

How about we ignore the elephant in the room with Kaspersky and just say it spies on you, Russia is the wild west, and Adobe Analytics is getting your data on insecure channels and just say 'It sucks because it leaks data and spies!'. I pulled my SIEM and Caps off Kaspersky before embarrassing it too badly and wasting anymore of my time.

It gets really old around here, the same guys going into every thread, promoting their same savior. Derailing them endlessly so conversations on other products are completely supplicated with trash talk and affirmations of the chosen one.. Where's the moderation against these trolls? Keep it up and I'm gone, I want good, common sense discussion and testing on a variety of solutions, technologies and products, not this rubbish everyday from the same couple of guys.
Click to expand...
according to yourself?
ForgottenSeer 58943 said:
Not.

That was before I tested the integration of SHP components and how they arrive at a full protection suite and how a simple pack test wouldn't really show anything other than the strengths or weaknesses of the basic sophos signature set based on Sophos and VirusBuster.

Those basic signatures on Sophos according to my friend at Sophos, they know are generally 'average', which is what warranted their acquisition of Surfright(HMP/HMPA), Mojave Networks (Cloud Technology, Web Heuristics), and Invincea, which will be integrated into SHP over the next 6-12 months as their predictive AI and machine learning modules. But before that happens they needed to sunset Invincea customers (which happened last week).
Click to expand...
please spare me from the indirect direct insults, the past year you have been plugging forticlient here on MT.
not once in this thread I have mentioned an alternative, we just talked about the hub results, then you came in, being mad for having a different opinion and went on bashing on the hub, us, whatever you could find
 
Last edited:
  • Like
Reactions: ZeroDay
Status
Not open for further replies.

Similar threads

Gidiyorsun
    • Like
    • Applause
Extended Trial 15x Heimdal Premium Security Home - 6 months free
Replies
50
Views
5,870
Giveaways, Promotions and Contests
Gidiyorsun
Gidiyorsun
Shadowra
    • +Reputation
    • Like
    • Thanks
App Review Guardio Premium
Replies
13
Views
1,423
Video Reviews - Security and Privacy
Jonny Quest
Jonny Quest
JB007
    • Like
Advice Request 1Blocker for Safari
Replies
3
Views
186
Web Extensions
enaph
enaph

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top