Battle What is the best internet security: ESET or Kaspersky?

[Islam Gamal]

i have tried every single one of them for 1 month so far no problem at all.
but i can't decide which one should i go with. they are really very good products.

 

[mekelek]

Even AVIRA has this trash(what they say) is a cloud behavioural integration..it is not good as they say.. probably a BIG 0
Don rely on what others say..Run the tests with highly 0 day malware (disable RT).. enable cloud as u said.you will know the results
its TRUTH Eset has no sort of any ZERO DAY capabilities..it is what signatures and VT + CLOUD saving them

their Live Grid is utilizing machine learning just like everyone else, so they do have something. the suite lacks dynamic modules tho, badly.
I mean unless you can bare the advanced HIPS that whines about the smallest rain drop.

 

[Sunshine-boy]

receive the detections from VT

I don't think so.There is no proof...

 

[Mahesh Sudula]

don't let yourself fool by the description from people from ESET. There is no BB in ESET and I have the evidence
"We don't perform behavior blocking"

LiveGrid = Cloud, reputation service
DNA detection = heuristics

Livegrid won't be able to protect you if you are the first person encountering a new malware. It will protect the next users after it finishes analyzing the uploaded malwares while the first user is dead already

This is what separates it from KSN totally...since sys watcher plays a major role in UDS detections i have seen...
Kaspersky have a great KSN..but impact is BB worth not KSN.. (BB-90% KSN -10%)

 

[mekelek]

This is what separates it from KSN totally...since sys watcher plays a major role in UDS detections i have seen...
Kaspersky have a great KSN..but impact is BB worth not KSN.. (BB-90% KSN -10%)

Kaspersky's userbase makes KSN a big thing tho. Chances are you're the first to get a certain soon-to-be widespread malware/ransomware is pretty low.

 

[Islam Gamal]

Back to the topic, I suggest you get the one you can get for a cheaper price (deals)
both of them are excellent

KIS is better, IMO but KIS has a problem with PUPs while ESET is the king against PUPs
after tweaking, KIS is extremely hard to be bypassed while ESET might require some user interactions due to its noisy HIPS
KIS is heavier than ESET, no doubt, even after tweaking

the only thing i hate while using eset (noisy hips) and on my system kaspersky is very light after tweaks.

 

[Evjl's Rain]

I don't think so.There is no proof...

of course there is no proof but as someone from Emsisoft said they receive malwares from VT everyday. I think it's the same for other vendors

reading through ESET forum, they admit there is no BB and repeatedly said ESET has something other AVs don't have and it's enough to protect users

 

[mekelek]

of course there is no proof but as someone from Emsisoft said they receive malwares from VT everyday. I think it's the same for other vendors

reading through ESET forum, they admit there is no BB and repeatedly said ESET has something other AVs don't have and it's enough to protect users

i highly doubt VT only passes samples to ESET since VT is a big no-no when it comes to malware market.

 

[Islam Gamal]

ESET IMO has the best Firewall of any suite. You can granularly block virtually every protocol used to subvert a system.

Other than the Firewall, I found it lackluster, and would prefer a properly configured Kaspersky.

Just to add, I'd pick G Data Total Security over either of them though. Much improved BB, light as a feather, secondary engine, good firewall (on high security), etc. But since that wasn't an option. Kaspersky.

why G Data total security and not internet security??

 

[Evjl's Rain]

the only thing i hate while using eset (noisy hips) and on my system kaspersky is very light after tweaks.

same for me. However, after so many performance tweaks I made for KIS, I still don't find it light. If you have ever tried kaspersky free, you would see it's much lighter than KIS
KIS is not light because of the application control

I think I squeeze the lightest out of KIS already
it could be lighter if you change the File shield mode to On execution

 

[amico81]

why G Data total security and not internet security??

i would recommend Gdata IS...very good protection ( take a look @malwarehub) and save money

 

[Sunshine-boy]

Livegrid won't be able to protect you if you are the first person encountering a new malware.

But there are Hips and other layers like the Advanced Memory Scanner, inbuilt sandbox, DNA /Heuristic detection.also, it is possible the malware Get caught in the cloud(According to Eset the cloud can analyse the file so there is a chance for that)

 

[Evjl's Rain]

i highly doubt VT only passes samples to ESET since VT is a big no-no when it comes to malware market.

I think VT passes malwares to all vendors participating in its service. The thing is how quickly they analyze and implement the signatures

 

[Mahesh Sudula]

Kaspersky's userbase makes KSN a big thing tho. Chances are you're the first to get a certain soon-to-be widespread malware/ransomware is pretty low.

Let me give recent ex: i tested a LIVE 0 day sample which even KSN has no detections..Test was carried out with harlan4096(KIS USER)...
Av tested : KIS 2018 upto date (All modules active)...Sample managed to run..but after restart Sys watcher caught it right away (Process memory)..Dangerous and started Adv Disinfection and succeded..CLEAN SHEET..
within minute s(2min) when he tried to download the sample UDS attacked in ..and blocked the download.. most probably its me..contributed to that(Such a fast transfer in KSN)

Sys watcher (independent) of KSN -. KSN(Dependent) on Sys watcher(UDS Detections)..
This is how they should work..it surprised me totally..Great Job..
It is not their KSN ..its BB is doing actually what is supposed to do

 

[Evjl's Rain]

But there are Hips and other layers like the Advanced Memory Scanner, inbuilt sandbox, DNA /Heuristic detection.also, it is possible the malware Get caught in the cloud(According to Eset the cloud can analyse the file so there is a chance for that)

forget about HIPS, it's not for average users and it blocks everything including safe programs if they do something that triggers HIPS
with HIPS and if you trust HIPS and block everything, almost nothing can bypass but that's not the point

HIPS is when you want to lockdown your PC and not installing anything

I'm sorry to say but many AVs have memory scanner, sandbox, heuristics. They are just fancy terms for basic features
I'm telling you, avast has inbuilt sandbox but they are not good enough. Same for ESET

 

[Sunshine-boy]

they admit there is no BB

Right but anti ransomware module has some behavioral analysis(according to Eset moderator)! they didn't claim that we have a BB.

 

[Deleted member 65228]

ESET don't have a 'Behavior Blocker' component although they do have a Host Intrusion Prevention System (HIPS) component, which when used properly, can increase the overall protection and provide protection benefits. In my opinion, the HIPS component isn't for novices though.

ESET do have exploit mitigation techniques which could be considered a form of 'Behavior Blocking', in the sense that they can still monitor behaviour of software and intercept if the product deems it should do so. Such interception for mitigation would be applied in scenarios where a potential exploit has been identified attempting to be deployed and thus it would intervene to mitigate the attack. However, it is not a 'Behavior Blocker' component in the same context as other security products.

ESET also have a good memory scanner, which is a form of dynamic protection. This will allow the product to flag malware after it has unpacked itself in-memory (should it have been packed when on-disk and thus being harder to detect prior to on-execution).

I would imagine that ESET have emulation technology as well. In-fact, I'd imagine many vendors have such technology and would have had it for many years now. They do have a cloud network which can be beneficial for most.

The Internet Security version also contains a Firewall component... This likely incorporates usage of of network signatures for mitigation of attacks.

Should I mention the UEFI bootkit scanning support which ESET provides? You don't see that every-day.

There's more to ESET than just signatures, however ESET do have good generic signatures and this will be effective when combined with their memory scanning techniques (on-execution).

TLDR; ESET do have both static and dynamic protection techniques implemented into their products.

 

[Mahesh Sudula]

ESET HIPS = COMODO HIPS = TRUST PORT HIPS :notworthy:
All come under same category but UP and DOWN

 

[Evjl's Rain]

Right but anti ransomware module has some behavioral analysis(according to Eset moderator)! they didn't claim we have a BB.

again, do not trust people from vendors, they just say fancy technologies they have and they are likely to be bias
behavior analysis belongs to livegrid and livegrid works when the sample is uploaded to livegrid -> analyze -> result = malware -> block that file when the next users encounter
it means they sacrifice many first users. You know what I mean

first user gets the malware and he is dead -> the sample is uploaded and analyzed ONLINE (takes time) -> the next users will be safe because livegrid marks the file as unsafe

EDIT: if you get a ransomware, there is not enough time for livegrid to analyze and save you

 

[Sunshine-boy]

first user gets the malware and he is dead -> the sample is uploaded and analyzed ONLINE (takes time) -> the next users will be safe because livegrid marks the file as unsafe

This is right but there are other layers(like RW protection in hips) that may detect the file! even the firewall(if tweaked correctly) can be helpful.

 

[Evjl's Rain]

This is right but there are other layers(like RW protection in hips) that may detect the file! even the firewall(if tweaked correctly) can be helpful.

HIPS is HIPS, every HIPS is the same, it blocks everything and of course ransomwares. If I use HIPS, I'd rather use comodo than ESET
for firewall, even windows firewall tweaked by syshardener is very good already. It blocks wscript and powershell for example, so malwares can't download payload => not infected
but there are many more way to attack

with the default settings in ESET, the change of getting infection is quite low due to its fast and strong signatures
BD with a very good BB is not as good as ESET when it comes to real world fight