Advice Request What's wrong with Eset POC?


Sumedh

New Member
Thread author
Mar 26, 2023
1
We have been participating in an ESET Proof of Concept (POC) and as part of the test, we installed Windows 10 and deployed the ESET Agent. We disabled Windows Defender on both the primary host and VMware host. However, after running malware on the VMware host where the ESET Agent is installed, we found that the ESET server did not detect the malware as no logs were recorded. Surprisingly, Windows Defender automatically blocked the malware even though Bitdefender was still off. We are wondering what could have gone wrong with the ESET configuration that caused it to miss the malware while Windows Defender was able to detect it.
 

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,396
There could be several reasons why ESET did not detect the malware in your proof of concept (POC) while Windows Defender was able to. One reason could be that the configuration settings of ESET need to be updated or modified to better detect the type of malware you were testing. Additionally, it is possible that the malware was designed to evade detection by ESET specifically, which is not uncommon for advanced malware that is specifically engineered to bypass antivirus software.

Another possibility is that there may have been an issue with the installation or deployment of the ESET Agent or its associated components, such as a misconfiguration or a problem with the implementation process. It is also worth noting that while ESET and Windows Defender are both antivirus solutions, they use different detection technologies that may have varying levels of effectiveness against different types of threats.

To address the issue, it may be helpful to consult with ESET technical support to review the POC configuration and ensure that everything is properly set up for maximum protection against malware. You may also want to consider testing additional malware samples to see if ESET can detect those threats.
 

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,700
What was this malware and what’s the name of the detection Windows Defender produced? Could you provide us with a bit more detail?
 
