Jump to content

Where is Eset in the AV-TEST test?


Recommended Posts

  • Most Valued Members
Posted (edited)
6 hours ago, New_Style_xd said:

Want a convincing answer because eset was not on the list of tested antivirus?
why were you left out?

link: Test antivirus software for Windows 10 - February 2022 | AV-TEST

Yes in AV-Test , you won't find ESET , You can find for Endpoint version - https://www.av-test.org/en/antivirus/business-windows-client/windows-10/february-2022/eset-endpoint-security-9.0-222112/

Here you will find it also consumer: https://www.av-comparatives.org/

Edited by Nightowl
Link to comment
Share on other sites

6 hours ago, Nightowl said:

There is a difference between AV-Test testing of commercial products and consumer products:

Quote

Real-world test routine

Whereas the products for home users are installed with default settings, the manufacturer is able to specify the configuration of corporate solutions. The products are updated and have complete Internet access at all times.

Test routine for the AV-TEST reference set

Whereas the products for home users are installed with default settings, the manufacturer is able to specify the configuration of corporate solutions. The products are updated and have complete Internet access at all times.

https://www.av-test.org/en/about-the-institute/test-procedures/test-modules-under-windows-protection/

A-V Comparatives also allows the above for commercial product tests. However, A-V Comparatives  states in their test reports if any configuration changes were made and what they were. I could not find any such disclosure in AV-Test test reports.

Edited by itman
Link to comment
Share on other sites

As far as Eset commercial product AV labs tests go, one might want to refer the latest MRG Effitas 360 Assessment test: https://www.mrg-effitas.com/wp-content/uploads/2022/02/MRG_Effitas_360_Q4_2021.pdf .

Eset did not get certified due to failure of the ransomware tests.

Edited by itman
Link to comment
Share on other sites

  • Administrators
33 minutes ago, itman said:

As far as Eset commercial product AV labs tests go, one might want to refer the latest MRG Effitas 360 Assessment test: https://www.mrg-effitas.com/wp-content/uploads/2022/02/MRG_Effitas_360_Q4_2021.pdf .

Eset did not get certified due to failure of the ransomware tests.

When referring to this test, note that it was not an actual ransomware that was used but a simulator. ESET does not detect simulators in principle since it does not tell anything about protection against actual malware. Also if you check the remark below the table, ESET detected the ransomware behavior after some files got encrypted:

image.png

ATM I can't tell if ESET LiveGrid feedback system was enabled but I assume it wasn't in order to prevent the test samples from being submitted. However, the LG feedback system is required for the Ransomware shield to work effectively. Checking with a colleague to find out more about this setting in the test.

Link to comment
Share on other sites

28 minutes ago, Marcos said:

When referring to this test, note that it was not an actual ransomware that was used but a simulator.

Nice try.

43 actual ransomware samples were used and Eset missed one of them. It also behavior blocked one. Assume some files were encrypted in the behavior block instance :Eset_Miss.thumb.png.b626a1f59ad27077b671e3f74a04de3e.png

Edited by itman
Link to comment
Share on other sites

As far as the MRG ramsonware simulator test goes, the two of the four samples Eset detected by behavior after some files were encrypted are actual ransomware:

Quote

Test case 3 - Chaos v3
Chaos Ransomware is based on Hidden Tear and with version 3.0, the Chaos ransomware gained the ability to encrypt files under 1 MB using AES/RSA encryption, making it more in line with traditional ransomware

Test case 4 - Chaos v4
Chaos Ransomware is based on Hidden Tear and the fourth version of Chaos expands the AES/RSA encryption by increasing the upper limit of files that can be encrypted to 2 MB

Chaos is also a hybrid ransomware/wiper variant as noted below:

Quote

If the file size is greater than ~2MB and less than ~200MB, random bytes of the length (filesize/4) are generated and written in the encrypted file in Base-64 encoded format. If the file size is greater than ~200MB, random bytes with the length greater than ~200MB and less than ~300MB are generated and kept in the file in Base-64 format. This makes these files completely useless.

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/17/the-chaos-ransomware-can-be-ravaging

Assumed here is files were also "trashed" prior to Eset behavior detection.

Edited by itman
Link to comment
Share on other sites

On the Av-comparatives website, Eset is also behind the other free competitors.

link: Real-World Protection Test July-October 2021 - AV-Comparatives

image.png.185cc36986aa161d9c59f789b9c14d5f.png

For companies also behind other competitors.

link: Business Security Test 2021 (August - November) - AV-Comparatives

image.png.5c875e5b5ef187b0e5897523f8ea3f61.png

Link to comment
Share on other sites

  • Administrators
3 minutes ago, New_Style_xd said:

On the Av-comparatives website, Eset is also behind the other free competitors.

So what are the reasons why you keep using ESET? I guess it's personal experience and not just test results.

Link to comment
Share on other sites

As far as A-V Comparatives test reports go, the one to review is their annual summary report: https://www.av-comparatives.org/tests/summary-report-2021/ . This report summarizes all individual comparative tests performed during the year.

As far as the Advanced Threat Protection (ATP) test goes, both Eset and Kaspersky were awarded silver level awards.

Of note is where Microsoft Defender was ranked.

Link to comment
Share on other sites

1 hour ago, Marcos said:

So what are the reasons why you keep using ESET? I guess it's personal experience and not just test results.

The reasons and that I believe ESET can be better than these tests show each time it is tested.

Link to comment
Share on other sites

I will note this about the major AV labs tests.

With almost all tested AV vendors scoring 98% or better on the real-time tests; the minimum certification score is 98%, no one on the web security forums pay any attention to them anymore. It is somewhat obvious that if these tests reflected the real world current status of malware detection, no one would be getting infected anymore.

The only AV lab test I put any trust in anymore is the testing done by AVLab in Poland who BTW is not an AMTSO member. Unfortunately, Eset no longer participates in their periodic test series.

Edited by itman
Link to comment
Share on other sites

I agree.
Now if these tests do not represent anything, why the company makes greater effort to participate in the tests?
If these tests were worthless. so that independent companies like av-test and av-comparative would spend money to do the tests?

Link to comment
Share on other sites

I am on on-gain off-again user of ESET antivirus; light and elegant.

To satisfy my curiosity i periodically "inspect"  Malware Bazar and get the latest sample MD% to be analyzed on VirusTotal.

ESET will detect most of them but not all.

On the other hand , the combination Defender+Malwarebytes did detect each and every sample, without exception.

I do have 5 lifetime licenses for Malwarebytes. So. most likely I will take the loss and use Defender+Malwarebytes.

Link to comment
Share on other sites

6 minutes ago, New_Style_xd said:

Now if these tests do not represent anything, why the company makes greater effort to participate in the tests?

Most commercial concerns IT auditing sources require that an AV product be certified by a major AV lab.

Link to comment
Share on other sites

  • Most Valued Members
On 4/5/2022 at 9:55 PM, New_Style_xd said:

I agree.
Now if these tests do not represent anything, why the company makes greater effort to participate in the tests?
If these tests were worthless. so that independent companies like av-test and av-comparative would spend money to do the tests?

Also a good test result can be good marketing. Some people will put too much trust in tests however and move AV depending on results. A bad testing AV is obviously not a good thing but for me it tends to come down to your own preference and being safe also plays a part.

The scary thing is that many non professionals are testing AVs these days i.e via YouTube. A lot of these testers can manipulate the results e.g. by not showing everything they did. I saw one YouTuber who got accused of trying to show a virus that a particular AV had missed but the tester had apparently put the virus into the AVs exceptions, but not shown this

Link to comment
Share on other sites

37 minutes ago, peteyt said:

Some people will put too much trust in tests

You have to trust somebody or something , other than the AV producer , which will claim that its AV is the best thing since sliced bread.

Look at Defender: silent, modest, free, yet 99.9-100% detection in any test in the last 3-4 years. What it is not to like????

Link to comment
Share on other sites

45 minutes ago, peteyt said:

Also a good test result can be good marketing. Some people will put too much trust in tests however and move AV depending on results. A bad testing AV is obviously not a good thing but for me it tends to come down to your own preference and being safe also plays a part.

The scary thing is that many non professionals are testing AVs these days i.e via YouTube. A lot of these testers can manipulate the results e.g. by not showing everything they did. I saw one YouTuber who got accused of trying to show a virus that a particular AV had missed but the tester had apparently put the virus into the AVs exceptions, but not shown this

I agree with your comment, many users change ANTIVIRUS because of the results. as I like ESET a lot every time I see the tests by these big companies the ESET goes bad against other free antivirus it makes me very sad. when i look at other antiviruses they have a lot of additional tools in their products.

Link to comment
Share on other sites

7 minutes ago, total said:

You have to trust somebody or something , other than the AV producer , which will claim that its AV is the best thing since sliced bread.

Look at Defender: silent, modest, free, yet 99.9-100% detection in any test in the last 3-4 years. What it is not to like????

Exactly, Microsoft's machine learning servers are very powerful and not to mention they have a huge database, because they have many customers. but it also lacks additional tools and doesn't have a very bad interface

Link to comment
Share on other sites

 

45 minutes ago, total said:

Look at Defender: silent, modest, free, yet 99.9-100% detection in any test in the last 3-4 years. What it is not to like????

Don't kid yourself. Here's what MD scored in the latest AVLab Poland test. It's all about what malware samples are used in testing. As noted, AVLab is not an AMTSO member and as such, doesn't have to conform to its "best practices" in regards to malware testing.

AVLab_Poland.thumb.png.42505d15b5c9f5fda9769b70c2d13a24.png

Edited by itman
Link to comment
Share on other sites

First of all I want to say that I don't mean to compare between products.

From my experience, I have used various antivirus products such as McAfee, Avast, AVG (now Avast twin), Kaspersky, Norton, Symantec Endpoint and even today we still subscribe to three antivirus products. We have McAfee (50), we got this because of a promo, but sadly only 1 we decided to use, ESET Endpoint Security (9), ESET Internet Security (10) and Kaspersky Internet Security (1). From my personal experience, I prefer to use ESET until now. In terms of protection I think they're all okay as long as you regularly update to the latest version and use the pro version, because so far we haven't had any serious problems with any of the three active products. But when it comes to design and ease of modification I personally really like ESET. The things I really like about ESET is the ESET Firewall and HIPS. ESET Firewall is very simple but I find it very effective too, for HIPS I can choose to protect files without having to depend on certainty from virus database. Btw, I have also been following reports regularly from AV-Test, VirusBulletin and AV-Comparatives since 2012. In the end, I only consider these reports as complementary and not the main reference to choose the right product for me.

I agree with this statement:

On 4/6/2022 at 3:40 AM, itman said:

With almost all tested AV vendors scoring 98% or better on the real-time tests; the minimum certification score is 98%, no one on the web security forums pay any attention to them anymore. It is somewhat obvious that if these tests reflected the real world current status of malware detection, no one would be getting infected anymore.

 

Link to comment
Share on other sites

  • Most Valued Members
8 hours ago, total said:

You have to trust somebody or something , other than the AV producer , which will claim that its AV is the best thing since sliced bread.

Look at Defender: silent, modest, free, yet 99.9-100% detection in any test in the last 3-4 years. What it is not to like????

Oh I agree. Every AV will attempt to market their product as the best, so AV results can and do play a part. However I always take them with a pinch of salt. People say data doesn't lie but it can be shown in certain ways to make things look a certain way.

i.e a test could look good for one particular AV but someone could have made sure they used samples they knew would make that particular AV look good and another bad. I'm also wary on some of the review sites as certain ones you come across look paid for. It makes me think about a lot of these VPN review websites that are actually owned by VPN companies.

But my main point was that personal preference should also play a part. If you use a particular AV and have never had any issues/never been infected, is it worth moving when one AV scores slightly higher on 1 test. It's down to what works for the user really.

That being said, while I've never been infected with Eset, I do think there are some features that are missing, and I've mentioned this before. My main concern with Eset is it doesn't put things in that could be seen as confusing and possibly risky for general users. @itmanhas in the past suggested a kind of professional version to avoid those issues 

5 hours ago, Mr_Frog said:

First of all I want to say that I don't mean to compare between products.

From my experience, I have used various antivirus products such as McAfee, Avast, AVG (now Avast twin), Kaspersky, Norton, Symantec Endpoint and even today we still subscribe to three antivirus products. We have McAfee (50), we got this because of a promo, but sadly only 1 we decided to use, ESET Endpoint Security (9), ESET Internet Security (10) and Kaspersky Internet Security (1). From my personal experience, I prefer to use ESET until now. In terms of protection I think they're all okay as long as you regularly update to the latest version and use the pro version, because so far we haven't had any serious problems with any of the three active products. But when it comes to design and ease of modification I personally really like ESET. The things I really like about ESET is the ESET Firewall and HIPS. ESET Firewall is very simple but I find it very effective too, for HIPS I can choose to protect files without having to depend on certainty from virus database. Btw, I have also been following reports regularly from AV-Test, VirusBulletin and AV-Comparatives since 2012. In the end, I only consider these reports as complementary and not the main reference to choose the right product for me.

I agree with this statement:

 

Just to check, your not using more than one AV at the same time are you?

Link to comment
Share on other sites

  • Most Valued Members
9 hours ago, total said:

You have to trust somebody or something , other than the AV producer , which will claim that its AV is the best thing since sliced bread.

Look at Defender: silent, modest, free, yet 99.9-100% detection in any test in the last 3-4 years. What it is not to like????

Defender is always targeted by good developed malware and it is disabled very fast

Recently only Microsoft added the Anti-Tamper protection that would let Defender protect itself from modifications that would completely render it useless , but I don't know if the Anti-Tamper is still good enough

Windows Defender can be completely shutdown by a registry entry, or from Group Policy , I don't know if that still works.

But still ESET or any other popular vendor still perform better than Windows Defender , if you remove the cloud access to Defender it will weaken it so much, still have much more false positives and for sure other AVs have more protection modules than what Defender would offer.

Link to comment
Share on other sites

1 hour ago, peteyt said:

Just to check, your not using more than one AV at the same time are you?

Off course not 😁, if so they are will fight each other haha.

I have 21 Computers (Include PC and Laptop) in my environment/small office:

* 1 Computer installed McAfee

* 1 Computer installed Kaspersky Internet Security

* 10 Computers installed ESET Internet Security

* 9 Computers installed ESET Endpoint Security

That is what i mean 😁.

Link to comment
Share on other sites

  • Marcos locked this topic
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...