Jump to content

Recommended Posts

Hi,

ESET doesn't do quite as well here. Windows Defender is surprisingly in first place. Can ESET improve the product based on these results?

Greetings

 

Quote

The second group with 2 tests consisted of 8 products. These included the manufacturers G Data, McAfee, Microworld, Norton, PC Matic each with 70 out of 70 possible points. Thus, they detected and fended off all 20 attacks in the 2 tests.

This group also included Avira, ESET and F-Secure. While the packages detected all the attackers, they had occasional problems in the subsequent defensive measures.

https://www.av-test.org/en/news/atp-endurance-test-31-security-products-for-6-months-in-the-advanced-windows-10-test/

Link to comment
Share on other sites

based on the article,

some products were tested for 6 months (3tests), other 4 months (2tests) and other 2 months (1test). thus you cannot compare 3tests participants to 2tests participants. 

Link to comment
Share on other sites

I wouldn't be too concerned about Eset performance in this test. The commercial product scored high;

Quote

ATP endurance test result: 17 corporate user solutions

The second group with 2 tests of company products consisted of 8 packages. In the evaluation, all solutions each detected 20 attacks on the systems. The products from ESET, HP Security, both versions from Kaspersky, Qualys, Symantec and WithSecure all received the maximum achievable 70 points for their protection score.

Only Microsoft Defender Antivirus Enterprise lost a point in the test, achieving 69 points.

which is applicable to ATP attacks. These threat actors are interested in high value targets; not home users.

Edited by itman
Link to comment
Share on other sites

To quote an old trusism, "The devil is in the detail." Let's review in detail the individual consumer set tests.

https://www.av-test.org/en/news/ransomware-and-info-stealers-17-security-solutions-in-the-atp-test/

Eset did not participate in this test set. Question is why?

However, Bitdefender which is supposedly known for excellent ransomware protection, well ..........

Quote

It was not a good test day for Bitdefender. At first, an info stealer was not recognized and was not thwarted over the course of the test. Data was stolen accordingly and the first 4 points were lost. Moreover, in two cases, the attackers with ransomware were detected but not completely stopped. Although other defense mechanisms took effect, individual files were ultimately encrypted in 2 scenarios.

https://www.av-test.org/en/news/disguise-and-deception-how-brand-new-malware-attacks-are-carried-out-on-windows-systems/

Quote

While the protection package from ESET received 30 out of 35 points, in the end it was defeated by ransomware, despite detection of the attack – the data was encrypted! In an additional instance, an info stealer was able to proliferate, despite detection, but it was held up in later steps by an internal protection technique.

Whereas I am not surprised by the ransomware miss, Eset needs to do more work here in their consumer products.

https://www.av-test.org/en/news/cybersecurity-defense-against-the-latest-attacking-techniques-in-the-atp-test/

Perfect detection score by Eset.

Edited by itman
Link to comment
Share on other sites

I hope that ESET also looks at such tests and improves the product.

 

The question is why, for example, Bitdefender is usually always better. What do they do differently or better?

Link to comment
Share on other sites

7 minutes ago, foxtigerjungle said:

The question is why, for example, Bitdefender is usually always better. What do they do differently or better?

Err..... Reread what I posted above. It did not do well against either ransomware or infostealers.

Link to comment
Share on other sites

ESET never treated seriously this kind of tests , with feedback to the posters.

ESET will just embrace the posture" use whatever you feel comfortable with" and that's it!

For years ESET was/is behind Microsoft Defender and /or other free solution.

Yet , they do not seem to be concerned.

Link to comment
Share on other sites

6 minutes ago, rotaru said:

For years ESET was/is behind Microsoft Defender and /or other free solution.

Microsoft Defender "stellar" performance on these tests is suspicious to me. I could not find out any optional configuration product allowances for these tests. However, I strongly suspect that Defender had all available ASR mitigations deployed in these tests.

Link to comment
Share on other sites

20 minutes ago, itman said:

Microsoft Defender "stellar" performance on these tests is suspicious to me.

Sure, if you cannot deny it, make it "suspicious".....

 

Look at all tests in the last 2-3 years on AV Comparatives, Defender is ALWAYS ahead ESET.

There is a free utility (ConfigureDefender.exe) and ANY user can enable ASR mitigations rules by the click of a button.

Edited by rotaru
Link to comment
Share on other sites

15 hours ago, rotaru said:

There is a free utility (ConfigureDefender.exe) and ANY user can enable ASR mitigations rules by the click of a button.

There have been multiple past ransomware bypasses of Microsoft Defender via;

Quote

Windows Defender Controlled Folder Access is its main ransomware protection feature which can be completely bypassed by ransomware pretending to be a trusted process like explorer.exe as seen in this test vs a sample created by our discord community

https://www.youtube.com/watch?v=PEQ7G3XQsIA

Also related is in addition to explorer.exe, many other .exe's that would be allowed access to the Controlled Folders such as notepad.exe run with User privileges. This makes .dll injection into them a trivial matter allowing for ransomware to be deployed from them.

Add to this, attackers have added their malware executable's to MD's real-time scanning exclusion list.

Edited by itman
Link to comment
Share on other sites

9 hours ago, itman said:

Add to this, attackers

You may be right, yet Defender scores high in both AV Comparatives and AVTest, higher that ESET.

The theory is nice, practice prove to be different.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...