@Kiwimike
Where did you get those statistics from?
How should they do that? They would need zero-day exploits for this kind of test and those go for quite a bit of money, more that they make every year with their tests.
Killtesting AV software is useless, if it's on the system the protection of your AV is the least of your worries.
There are no absolutes in software, it can and will fail, so based on this every security software can and will fail.
Basing the security of a software on an impractical and outdated test?
Are we talking about home users here or businesses? ARP spoofing protection for home users is unnecessary.
Shameless self quote Best Firewall: Kaspersky IS 2016, BitDefender IS, or Eset Smart Security, or Emsisoft IS
They never have and never will block everything, they are okay for what they are supposed to be doing ,blocking known and common stuff, but that's it.
Trashing three of the biggest security companies out there without any reason? Have you even tried their endpoint and/or server protection?
1. If you want sources, a simple google search will do the trick:
Antivirus tools miss almost 70 percent of malware within the first hour
Antivirus is dead, says maker of Norton Antivirus
Those are the two highest links that come up for me, and while I will admit they do not say a mere 20% are detected. So while I prefer to stick to my claim, I'll give you that one.
2. True, they would. But if they are testing antivirus software they should live up to what they are actually doing. If you wanted to be really cheap you could probably find exploits on the internet or grab some from a company or find exploits that are zero day currently out there.
3. You do make a point, antivirus software's primary function is to prevent and not remove. However, if malware is on the system killing the antivirus software would indeed be bad, incase lets say the malware gets added to the signature database one day and the malware gets detected and removal gets attempted.
Although an even more better reason, is that it should just be done anyways because way to many antiviruses fail at it, and its a real shame.
If an antivirus can't protect itself, how it can it protect the system from exploitation? AVG and Kaspersky recently included ASLR in their products after a memory vulnerability could cause a peice of malware or attacker to manipulate the av. This is probably not the case with just these.
4. True, and yes. Which is why I repsect Comodo so much, they haven't failed. They have the protection that is deserved by the enterprise. But other than Comodo, all antiviruses fail yes.
5. Your right, it is old and impractal. Still doesn't mean its irrelevant, it very much still tests the antivirus protective measures against malware performing certain actions.
Spyshelter hasn't failed this test, or been overcome by a keylogger, or been killed. It's very good, if an anti-keylogger can imcorperate protection like this without interfereing the user. Why don't other antiviruses do the same?
6. We are actually talking about businesses and home users. I beileve it should be blocked on all circumstances. It's something a 5 year old could do, that calls for it being blocked on all platforms.
http://www.av-comparatives.org/wp-content/uploads/2014/04/avc_fw_201403_en.pdf
Saying that, I do agree with your post you linked me to. It is true, and I personally and quite lack with my security which is my own flaw. But, I can admit it at least, I have a firewall with ClamAV built in and then just use my own antivirus. But I do admit that Firewall in your operating system aren't nearly as needed as before.
But they still should have some standard,
the point isn't that firewalls NEED to be the best. It's that if your gonna include a custom firewall make it better than what's already included.
And lastly, Yes. I have used Symantec Endpoint protection. I am good friends with a system administrator for Wells Fargo, who uses it all the time, so I have also used it and did not like the console. I also found its protection was quite mediocre.
I am a fan of Kaspersky's endpoint, advanced console that I think is good for any admin I also feel that its got great protection and
don't think I'm putting down Mcafee's firewall, I'm putting down their antivirus thier firewalls are actually quite good at managing and dealing with network intrusions in a network as the function as both effective firewalls and load balancers allowing traffic to be balanced between each firewall so to prevent a firewall from going down, and if it does it will simply switch firewalls.
This was certainly a strict post on my part, but I'm happy and proud of it because its needed. All big antiviruses have their good points but they still all suck. At RSA confrence last year I beileve a presentation demonstrated a very efficient and good antivirus for the enterprise which blocked a reinactment of the Sony hack.
In the end though, I blame the corperate world as much as the antivirus companies themselves.
Lastly, I used to use Norton a whole lot. And while I also think antiviruses aren't as big of a deal as lets say a good router but I do think they still suck. I have and always will think antiviruses are still pretty useful and i use them but some of them really suck.