Jump to content

ESET behavior shield


novice

Recommended Posts

In a previous post Marcos said that ESET doesn't perform behavior blocking

image.thumb.png.0fc22bda34817cf211974530b15d886c.png

However, in a MRG-EFFITAS tests ESET performed very well using behavior shield:

https://www.mrg-effitas.com/wp-content/uploads/2018/03/MRG-Effitas-360-Assessment_2017_Q4_wm.pdf

image.png.81c774b0477e55c06bc52cf3cab461c3.png

So, is there any behavior analysis in ESET or not?

 

Thanks!

Link to comment
Share on other sites

I assume this might have something to do with DNA signature

 

https://www.eset.com/int/about/technology/

"Detection types range from very specific hashes to ESET DNA Detections, which are complex definitions of malicious behavior and malware characteristics."

 

Link to comment
Share on other sites

Eset has behavioral signatures that work very similar to YARA detection. You can read about YARA here: https://securityintelligence.com/signature-based-detection-with-yara/ . Basically select process behavior in the form of a rule is encoded in the signature.

Additionally, Eset's HIPS also has predefined rules to monitor process activity against sensitive system areas such as the Windows directory and registry.

Finally Eset has AMS, advanced memory scanning, that is monitoring a process's memory areas for malicious code that may be injected.

Eset did very well in this test beating out Kaspersky in overall malware detection. 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...