MarcFL 28 Posted May 31 Author Share Posted May 31 15 minutes ago, itman said: Finally, I will point out that there is an AMTSO certfied AV lab, MRG Effitas, that includes 0-day ransomware samples in its ransomware certification testing; https://www.mrg-effitas.com/wp-content/uploads/2024/03/MRG_Effitas_360_Q4_2023.pdf Unfortunately, they only test commercial AV products. However, Eset Endpoint Security was tested which includes the same default ransomware protection as does EIS and ESSP. And the report indicates that Eset detected 100% of the ransom samples and simulations and was graded Level 1 Certifid: All threats detected on first exposure or via behaviour protection. Link to comment Share on other sites More sharing options...
rotaru 10 Posted June 1 Share Posted June 1 11 hours ago, itman said: The problem with ASR use is they can only be applied via PowerShell or Group Policy Have you ever heard about ConfigureDefeneder??? https://github.com/AndyFul/ConfigureDefender With a click of the mouse you can set Defender from Default to High to Interactive to Max. All ASR rules are also there , at a click of the mouse. Link to comment Share on other sites More sharing options...
rotaru 10 Posted June 1 Share Posted June 1 10 hours ago, MarcFL said: And the report indicates that Eset detected 100% of the ransom samples So did Microsoft Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted June 1 Most Valued Members Share Posted June 1 (edited) 2 hours ago, rotaru said: So did Microsoft There is nothing and no one perfect, everything has a flaw as humankind do have also flaws and these software are made by human so it would be like the human , not perfect It is in the end matter of opinion just like food , you might like a specific meal , but not every place does it how you like I find myself to like 4 security solutions which are different from eachother , Sophos Hitman , Fortinet stuff , ESET , Kaspersky and I still use ESET as the realtime scanner and I still like the other solutions that I mentioned. Nobody prevents you to try or use another solution , what you are doing is pointless to be honest and won't change anything in real life or scenarios. And in the other hand , Microsoft defender cloud would have larger database because it's included inside the Windows , so everyone have Windows 10, 11 , have a defender connected to their cloud so they can get data from it , for malware and stuff like that , and can have a faster response to malware because of larger user base, but still easily defeated and disabled by malware developers and yet they are still sometimes late to detect malware even if you send it manually to them Edited June 1 by Nightowl Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 1 Share Posted June 1 5 hours ago, rotaru said: So did Microsoft Appears you missed this in the report. Comparing default MD installed in Win 10/11 to MD ATP protection-wise is a "apples vs. oranges" comparision. Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 1 Share Posted June 1 5 hours ago, rotaru said: Have you ever heard about ConfigureDefeneder??? i am aware of it. The question is if the average consumer PC is and if so, would he actual use it? MarcFL 1 Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 1 Share Posted June 1 3 hours ago, Nightowl said: but still easily defeated and disabled by malware developers A point "our friend" refuses to acknowledge. Sticking your head in the "bypass sand" does not make the problem go away. MarcFL 1 Link to comment Share on other sites More sharing options...
MarcFL 28 Posted June 1 Author Share Posted June 1 6 hours ago, rotaru said: So did Microsoft If you're trying to convince yourself that Windows Defender is as good as Eset or other retail antivirus products, then just go use the free MD... Link to comment Share on other sites More sharing options...
rotaru 10 Posted June 1 Share Posted June 1 1 hour ago, itman said: if the average consumer PC is I consider myself "above average", yet I have difficulties to navigate through ESET over 150 settings combinations. This is the main reason why I buy 3-4 ESET every year (Christmas time , $9-14 NOD32) only to let them expire. It is the most cumbersome AV I tried so far. Now I use Trend Micro, simple, elegant. Look in PC Mag review for NOD32: Link to comment Share on other sites More sharing options...
MarcFL 28 Posted June 1 Author Share Posted June 1 (edited) I'm an IT System Admin, so I appreciate all the settings and don't find them confusing. The vast majority of users do not change the default settings. Yet, the most common basic Eset settings are easy to understand. IMO this trend represents a "dumbing down" of society, as options and settings are eliminated or concealed behind a facade of one-click operations, with big buttons, short menus and a "one size fits all" mentality, both in Windows and in a vast array of other applications by many other companies. Some say this is due to Gen Z, who they claim are easily confused and distracted with short attention spans. Edited June 1 by MarcFL TheStill 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted June 1 Administrators Share Posted June 1 I too prefer more granular settings to having just a few options without the ability to tailor the configuration to my liking. Imagine having just one setting to pause overall protection without the ability to pause real-time protection, web protection, etc. separately or without the option to define exclusions. The mag was complaining about complex Device Control settings. If that's a real issue, we are open for constructive feedback from the mag, you or whoever finds the settings complex and difficult to set up on how to make it easier while keeping all current functionalities and options customizable. MarcFL 1 Link to comment Share on other sites More sharing options...
rotaru 10 Posted June 1 Share Posted June 1 3 minutes ago, MarcFL said: The vast majority of users do not change the default settings. OK, this is a "Consumer product" why have 100 settings if "The vast majority of users do not change the default settings."???? Look at Avira, Kaspersky, Trend Micro .... all designed with the "consumer" in mind, having few logical settings. Anyway, enough discussion..... Link to comment Share on other sites More sharing options...
MarcFL 28 Posted June 1 Author Share Posted June 1 So screw everyone else who do want to customize the settings? Re-read my "dumbing down" paragraph... Link to comment Share on other sites More sharing options...
rotaru 10 Posted June 1 Share Posted June 1 2 minutes ago, Marcos said: Imagine having just one setting to pause overall protection without the ability to pause real-time protection, web protection, etc. separately The guy from the internet just did that to test the ransomware module and you said noooooo.... Now is a good thing???? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted June 1 Administrators Share Posted June 1 1 minute ago, rotaru said: Now is a good thing???? Where did I say that pausing real-time protection is recommended? However, there are times when the user may want to it, e.g. when restoring a false positive from quarantine and creating an exception or submitting it to ESET for analysis. Link to comment Share on other sites More sharing options...
rotaru 10 Posted June 1 Share Posted June 1 3 minutes ago, Marcos said: when restoring a false positive from quarantine and creating an exception When restores a false positive from quarantine the user shouldn't have to pause any shields.... Just a right click on the file, choose "restore" and an exception should be created automatically....... In my opinion (the last one) ESET is way overengineered and refuses to adapt to the consumer market. Sophistication is not a good thing: on your car , which has several computers, you have a single light "Check engine soon" which turns ON or OFF accordingly. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted June 1 Administrators Share Posted June 1 We already had an option to toggle simple user GUI mode in v3 if I remember correctly and it wasn't accepted by the majority of users. MarcFL 1 Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 1 Share Posted June 1 51 minutes ago, rotaru said: Now I use Trend Micro, simple, elegant. The main issue with Trend is false positives. In AV lab tests, it has the most false positives of any product tested. If you can live with this fine. MarcFL 1 Link to comment Share on other sites More sharing options...
MHRSFI 1 Posted June 1 Share Posted June 1 In my experience with multiple commercial products, I find ESET one of the most reliable and easy to use product (I don't mean its prefect at all) but I do think HIPS setting of the product it's a little bit confusing! For example, it's not clear what Smart/Auto filtering modes do differently! Or having a webpage for some manual rule to protect against ransomware! Shouldn't this be part of the options in product? https://support.eset.com/en/kb6119-configure-hips-rules-for-eset-business-products-to-protect-against-ransomware https://support.eset.com/en/kb6132-configure-firewall-rules-for-eset-endpoint-security-to-protect-against-ransomware Even in these 2 webpages, there isn't a lot of explanation why you should set these rules. MarcFL 1 Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 1 Share Posted June 1 2 minutes ago, MHRSFI said: Or having a webpage for some manual rule to protect against ransomware! Shouldn't this be part of the options in product? I agree. The rules should be included by default in a disabled state. Then an option provided to activate them. MarcFL 1 Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 1 Share Posted June 1 Getting back on ransomware prevention topic, I already posted previously that the primary source of ransomware is phishing. I have always adhered to the trusism, "an ounce of prevention is worth a pound of cure." So below is how MD ATP performed against MRG Phishing tests. BTW - MD ATP was not certified for phishing protection. MarcFL 1 Link to comment Share on other sites More sharing options...
matte 4 Posted June 1 Share Posted June 1 (edited) Want to add my appreciation for the configurability of ESET as well, one of the reasons why I prefer this AV to other AV providers. Don't see how it could become a problem for "normal" users either since it's all tucked into the "Advanced Setup" part of the software as well. Edited June 1 by matte MarcFL 1 Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 1 Share Posted June 1 4 hours ago, MHRSFI said: https://support.eset.com/en/kb6119-configure-hips-rules-for-eset-business-products-to-protect-against-ransomware https://support.eset.com/en/kb6132-configure-firewall-rules-for-eset-endpoint-security-to-protect-against-ransomware Even in these 2 webpages, there isn't a lot of explanation why you should set these rules. Actual, those rules just don't help mitigate ransomware attacks. They also prevent other malware attacks from abusing Win "living-off-the land" trusted binaries. Link to comment Share on other sites More sharing options...
Recommended Posts