[ESET AV for Business versus Ransonware]

Why is RanSim treated as a legitimate program and who makes that determination? ESET? What value is there to doing that?

 I'm frustrated by a reoccurring theme of, "You can't use a test to test because we know it is a test." when I ask why ESET totally fails to detect a threat that even Windows Defender stops at least part of.  

  Do you have supporting data that shows where ESET outperforms the competition when they are in the same ransomware scenario?

Troy

 

  

 

[ESET AV for Business versus Ransonware]

 

RanSim behaves exactly like a real threat.  If a new, unknown program appears and starts encrypting and acting on large amounts of local and network files my AV should at a minimum provide a warning.

I don’t want to be combative.  I need data in order to make a strong recommendation that a client should move to a different solution and it is not the graph but the science behind it that makes RanSim an effective evaluation too.

https://knowbe4.zendesk.com/hc/en-us/articles/229040167-RanSim

Troy

[ESET AV for Business versus Ransonware]

Marcos,

 

 This is not an innocuous application.  KnowBe4 has put together a suite of tools to help companies improve their processes and environments and RanSim uses the same techniques the real threats do.  In the early days of AV we had the EICAR test to help prove that the protection would work.  I need that same validation to show why a customer should change to ESET.   If you haven't already I suggest trying the RanSim test for yourself.  Just please don't do like I did and run it against a production PC!  It triggered our proprietary Crypto protection which shut-down all the server files shares.  I've posted my most recent results when testing against Vipre AV.

Regards,

  Troy

 

[ESET AV for Business versus Ransonware]

I saw a related post in the Home product forum and while that one is closed I want to express my concerns about the effectiveness of the ESET ransomware protection.  Here goes!

I used the KnowBe4 RanSim vulnerability test against Vipre AV  and it scored a perfect 10 on on the protection. Stopped everything. 

https://www.knowbe4.com/ransomware-simulator

I ran the same test on ESET AV for Business and it failed all 10 tests.  I was told that ESET support believes the simulation isn't "fair" since the RanSim application both creates the temporary test folders and files and then performs the simulated crypto attack on them.  AVG, Symantec and even MS Windows Defender stopped at least some of 10 attack methods.  

Maybe there are some settings in ESET I'm missing.

Also, what is a "fair" test to demonstrate ESET's effectiveness compared to other products?   If I want clients to change AV protection I need to show them that ESET is better than their current solution.  A strong KnowBe4 test result would have made this a very simple choice.  

Thanks,

 Troy Taylor