novice 20 Posted November 14, 2018

In a previous post Marcos said that ESET doesn't perform behavior blocking. However, in an MRG-EFFITAS test ESET performed very well using behavior shield: https://www.mrg-effitas.com/wp-content/uploads/2018/03/MRG-Effitas-360-Assessment_2017_Q4_wm.pdf

So, is there any behavior analysis in ESET or not? Thanks!

Azure Phoenix 10 Posted November 14, 2018

I assume this might have something to do with DNA signature https://www.eset.com/int/about/technology/

"Detection types range from very specific hashes to ESET DNA Detections, which are complex definitions of malicious behavior and malware characteristics."

itman 1,541 Posted November 14, 2018

Eset has behavioral signatures that work very similarly to YARA detection. You can read about YARA here: https://securityintelligence.com/signature-based-detection-with-yara/ . Basically, select process behavior in the form of a rule is encoded in the signature.

Additionally, Eset's HIPS also has predefined rules to monitor process activity against sensitive system areas such as the Windows directory and registry.

Finally, Eset has AMS, advanced memory scanning, that is monitoring a process's memory areas for malicious code that may be injected.

Eset did very well in this test, beating out Kaspersky in overall malware detection.
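
The idea in the post above of process behavior encoded as a rule, sketched as an added example that is not part of the thread and is not ESET's engine or rule format: a rule fires only when one process shows every listed behavior, so a single registry or file event on its own is not a detection. The rule names, event fields and sample events are all constructed for illustration.

```python
from collections import defaultdict
from fnmatch import fnmatchcase

# Hypothetical rules: every (action, target pattern) pair must be observed
# for the same process before the rule fires. Patterns are lowercase globs.
RULES = {
    "persist_and_drop": [
        ("reg_set", r"hklm\software\microsoft\windows\currentversion\run\*"),
        ("file_write", r"c:\windows\*.exe"),
    ],
    "remote_code_injection": [
        ("mem_alloc_remote", "*"),
        ("thread_create_remote", "*"),
    ],
}

# Constructed process-activity events: (pid, image, action, target).
EVENTS = [
    (101, "updater.exe", "file_write", r"C:\Users\a\AppData\Local\Temp\u.tmp"),
    (202, "invoice.exe", "file_write", r"C:\Windows\svch0st.exe"),
    (202, "invoice.exe", "reg_set",
     r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\svc"),
    (303, "helper.exe", "mem_alloc_remote", "pid:4321"),
    (101, "updater.exe", "reg_set", r"HKCU\Software\Updater\LastRun"),
]


def match_rules(events, rules=RULES):
    """Return {pid: [rule names]} for rules whose conditions were all seen."""
    seen = defaultdict(set)  # pid -> {(rule name, condition index)}
    for pid, _image, action, target in events:
        for name, conditions in rules.items():
            for i, (want_action, pattern) in enumerate(conditions):
                if action == want_action and fnmatchcase(target.lower(), pattern):
                    seen[pid].add((name, i))
    hits = {}
    for pid, satisfied in seen.items():
        fired = sorted(
            name for name, conds in rules.items()
            if all((name, i) in satisfied for i in range(len(conds)))
        )
        if fired:
            hits[pid] = fired
    return hits


if __name__ == "__main__":
    for pid, names in match_rules(EVENTS).items():
        print(f"pid {pid}: {', '.join(names)}")
```

On the sample events only pid 202 is flagged; pid 303 shows half of the injection rule and pid 101 touches the registry and file system outside the watched locations, so neither fires.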