  • Most Valued Members
Posted

This is interesting and one of the many reasons I  :wub:  Eset

 

 

The principle of this test is very simple and can be made every day a quick opinion on detections of various antivirus products.

 

Full Story: https://threatcenter.crdf.fr/?Stats

 

Way to go Eset !

  • Administrators
Posted

And another example of a massively spammed Waski downloader :) These results were taken 2 hours after ESET added the detection, and I must say it's nothing unusual for ESET to detect (popular) zero-day malware among the first (by Live Grid even hours earlier):

 

ESET-NOD32   a variant of Win32/Kryptik.DHIG   20150505
Kaspersky   UDS:DangerousObject.Multi.Generic   20150505
Norman   Simda.TKP   20150505
Rising   PE:Malware.Obscure!1.9C59   20150505
Tencent   Trojan.Win32.Qudamah.Gen.24   20150505

  • ESET Insiders
Posted

Top work as always Eset *gives two thumbs up* :)

 

This test is likely far more relevant to the real world user than the AV-C, AV-Test, Dennis Labs etc. tests.

Posted

I am sorry to rain on your parade, but this site is as far from real world as it gets.

 

Real world means two things in my books. For one thing, it has to be about threats that users are actually facing (prevalence), and not some exotic stuff nobody ever encounters. And for another a product needs to be able to use all of its components in order to protect the user. 

 

As for prevalence, I cannot say if CRDF is taking that into account. As for utilizing all of a product's components, they definitely don't. They just use VirusTotal for scanning the samples. This means it's nothing more than a right click scan of a file. Stopping the user from downloading the malware in the first place or any other non signature based methods of protection, like HIPS, behavioral analysis or reputation systems etc? Nope.

 

For what it's worth, a product could be at the bottom of that list and still protect you better than the one at the top. In that regard this site is very misleading. In my opinion this CRDF link should never be posted without a clear disclaimer about how it actually works, because every time I see this come up, it's clear that the poster doesn't understand it.

  • Most Valued Members
Posted

 

I hate parades so I'm always happy when one is rained out. :)

 

I didn't see any claim made as to the site using the various products nor do they mention anything about "real world."

 

It's clear to me that they submit a database list of about 1000 items to Virus Total and post the results. It's what they say at the top of the site. The link leads to the source and the source explains the how and what just as you discovered.

 

To avoid confusion and misunderstanding is why I didn't post results but rather the link so people could read how the results were obtained before reading the results and come to their own conclusion.

 

They say that the "principle of the test is very simple." I really don't see anything "misleading."

 

What else is there to understand?

 

For clarity:

 

This test is updated every day at two o'clock in the morning on a sample of about 1000 threats (see details for the exact figure). This test is based on the recognition of new threats with antivirus, why we call zero-day detection.

 

The principle of this test is very simple and can be made every day a quick opinion on detections of various antivirus products. This test was created solely for informational purposes. We take the most recent samples of our databases and we subject them to various antivirus products. Once out of the sample, we scan (with VirusTotal Online scanner) directly with the latest update of antivirus products to show their effectiveness

 

Thank you please note and understand that this test is carried out every day automatically via reports generated by VirusTotal. This test is conducted and published an informational purposes only, and we do not guarantee the accuracy of the data. The method used in this test is only based on the analysis proposed by VirusTotal engine.

 

Source: https://threatcenter.crdf.fr/?Stats
