Webroot

I have not paid any attention to Webroot, but I see it is highly thought of by some. However, I do not see it in test by AV-C. Am I missing it? Why is it considered so good?

Thanks,
Jerry

 

https://www.wilderssecurity.com/showpost.php?p=2295335&postcount=204
WSA is the fastest, lightest and most efficient security solution. It also has extremely rapid and well technical support. Just try it and see the magic. https://www.wilderssecurity.com/showthread.php?t=354285

 

Count me in with those skeptical of Webroot SecureAnywhere.

In the recent Matousec test, SecureAnywhere scored 22% out of 100. The protection level = “None.” And the product was listed as “Not Recommended.”

http://www.matousec.com/projects/proactive-security-challenge-64/results.php


In the recent MRG test, SecureAnywhere came in 11th place (of 17) in initial detection. In the ‘time to detection’ test, SecureAnywhere came in 9th place – again in the bottom half.

http://www.mrg-effitas.com/mrg-effitas-project-36-mrg-effitas-time-to-detect-assessments-q2-q3-2013/


In the last “Real World” test at AV-C in which Webroot participated, SecureAnywhere finished second to last. That is, they finished 20th (of 21), only beating AhnLab. SecureAnywhere received the lowest possible rating.

http://www.av-comparatives.org/wp-content/uploads/2012/12/avc_prot_2012b_en.pdf


I’m not sure why the product is popular around here lately.

For those of us who have been around this forum for awhile, we periodically see products that don’t test well get popular -- even though there is little real evidence that the product is better than others. And then when supporting test results are not forthcoming... the same old testing excuses are rolled out…

Dr. Web had a good fanboy club for awhile… Panda and AVG also had their 15 minutes of fame on the board while never really demonstrating that the product was better than the competitors…

Ya, I don't get it. To me it seems UnsecureEverywhere.

 

Matousec is an HIPS test, so it doesn't apply

For the "real world" test the reason why WSA scores low are explained here:
https://community.webroot.com/t5/We...where-not-so-good-in-AV-comparative/td-p/6112
https://community.webroot.com/t5/Se...mparatives-and-Our-Unique-Approach/td-p/12380

I think they are working together with AVC to prepare a methodology able to reflect the real conditions under WSA should be tested.

 

In AV-Test.org test:
http://www.av-test.org/en/tests/home-user/producer/webroot/

 

Frank

You are obviously not keeping up with the times...

A couple of the test sites are currenlty in the process of reviewing their testing process and tests to more accurately cater for WSA's unique approach to end user security. It seems that they are starting to accept that the tests themselves count against WSA due to the very nature of the how they test.

I will try to find the references to these...they are buried in some recent posts.

Regards


Baldrick

 

The references are 2 posts above from yours

 

I agree. My buddy bought a computer from Best Buy and they put WSA on it. Within 6 months he had to take it back and it was full of malware. They fixed it and it happened again in 1 month. He took it back and they put Kaspersky on it and he hasn't been back. The reality is, some are just better then others, period.

 

Thanks, All. It appears to me that the praise of Webroot is misplaced.
Jerry

 

Thanks Frank...those are useful...but it was actually a couple of others that I was thinking of...I seem to remember that they were posted 3 or 4 months ago.

I will keep looking.

Regards


Balders

 

I can understand why users would rate an AV they find super light and stable very highly until/unless they get infected. IMO user feedback is usually even more accurate than test results when interpreted well enough since it comes from the real world. Some products can get underrated in tests despite *apparently* doing great IRL, but AFAIK/understand people only talk about how light Webroot is; there's not much that suggests it should be particularly effective apart from "Using for over X years and never been infected!" (which isn't necessarily said by everyone who's stayed infection-free).

Then again, they wanted a test that can evaluate its technologies just as well as those of the others (there was some interesting stuff here, didn't sound too much like an excuse), so when they get it, it'll probably look a bit better, but still not particularly great.

 

Sounds like the journaling/roll-back function didn't work properly.

 

Jerry...I have used it off and on for over a year and no problems. I don't treat all AV tests as the gospel....I can only say it works for me but I also try to use common sense. The support is good if you need it.

 

Unlike some others, these two products do consistently prove to be average/above average and also usually pass tests satisfactorily enough to assume decent protection. For this reason, one can understand why these products are popular, especially if things other than just detection rate are taken into account. Dr.Web? Webroot? Different tests show wildly inconsistent results, however they may have users for aforementioned reasons (i.e. factors other than just detection/protection rate).

 

Re: Webroot UnsecureEverywhere

Wow, that test is pretty bad too.

http://www.av-test.org/en/tests/home-user/windows-7/julaug-2013/

Results:

Detection: Webroot 21st out of 25

Performance: #1 So that is good (Typical actions are used to measure the influence on the system speed)

Usability: Webroot 22nd of 25

But if the product does not detect and is not usable, performance sorta does not matter.

Lots of products have made excuses about how they are unique and tests don't fully appreciate the way they operate... or how some products game tests... or how they are designed for the 'real world'.... but it's mostly just blowing smoke. Tests are designed to reflect real world conditions.

Generally products don't test well for one reason >> they are not as good as the products that do test well.

That is all.

 

@JerryM & Frank the Perv - Do you see legitimate users come here and say I'm infected help! Not the one's that purposely infect there systems. Also WSA I have 17 users in my Online console and I hate to say my Sister Inlaw is a Happy Clicker and I told her to never to ignore any warnings from WSA and so far in the last 2 years she has never been infected actually none in my Online Console have ever been infected to me this is Real World testing and the Results speak for themselves.

Regards,

TH

 

We're working with AV-C and AV test on testing methodology which will be more reflective of how WSA works (and it will be tested alongside the other AV vendors using the same methodology).

 

That's definitely surprising, as we've had extremely good feedback overall from Bestbuy about our clean rates. I know it's a bit late now, but if you happen to have his license key or an email address, we'd be very interested in taking a look.

Thanks!

 

Re: Webroot UnsecureEverywhere

False positives are counted in usability tests, and we had a run of FPs when AV test was testing. The current tests are not truly real world examples - they aren't visiting malicious websites with a browser and being infected, or running software from a USB stick, etc. and they are reimaging the systems the systems before many infections take hold, while they're just sitting idle.

Both AV comparatives and AV test agree that WSA is different and can't be tested like the normal products, which is why we're all working together on being able to better test it.

 

Since you brought up Matousec, they also condemn ESET, Bitdefender, Norton, Avast, and until recently, Kaspersky. Go figure!

 

I'm surprised we score even 22% at Matousec - from what I understand of their tests, we should score zero as we whitelist their tools to intentionally not find them.

 

Re: Webroot UnsecureEverywhere

Wow, that tests are pretty good.

http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=131447
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=130566
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=124574
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=123649
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=122643
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=121849
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=121361
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=120525

 

Why do I like Webroot?

Simple:
I am directly responsible for the security of several hundred machines and indirectly responsible for the customer impression of several thousand. I also need to make sure the machines are usable and I need to fix them when they are not, whether it be because of malware or "OMG it's slow every day at noon!" (when it scans).

Prior to SecureAnywhere, I dealt with an average of 10-30 cleanups and reimages a week due to heavy infections, as well as just as many fixing generic stuff related to security or AV or infections. Since SecureAnywhere, I've dealt with -one- problem at all, and that's if you can count "Called Webroot support, waited on hold for zero seconds, and they fixed it free in 22 minutes" as "dealt with a problem".

Did I go into it blindly? Hell no. I've been in the security industry for over 17 years and I've always looked at coding as a "Make it the most efficient you can. Don't throw fifty lines of code to do something that could be done in two."... I've looked at what I've always wished AV programs would do, and saw that Webroot actually bothered to do good chunk of them. The ones it doesn't is because it still has to allow the user to do stupid things like click "Yes, I know you have made it completely clear that martha_does_fred.avi.exe is a virus, but I don't believe you and I really want to see Martha under Fred, so put it back and stop trying to take away what I think is porns!".

Either way, I don't make excuses. I don't force anybody to use it unless they pay me to. I use it because I've not seen anything do better. Ever. But YMMV, so use it or don't as you see fit.

 

The OP certainly made his/her mind up pretty sharpish! @trjam All my friends (buddies) who have used WSA have never had an infection after using WSA, that includes me too!

(being a cynic I sometimes wonder about such threads that suddenly appear but I'm sure it's my imagination)

 

Re: Webroot UnsecureEverywhere

Looks like we'll disagree with each other a lot.

I'm no fan of Webroot, but TBF Symantec and Webroot's cases are a bit different. The former just wanted the ones they could look good on despite that the poor results in detection tests can be balanced out by the protection/"real world" results. If they supposedly don't care about detection, why should they be afraid of showing it? I know, I'm comparing something that gets mixed results to another getting all around poor ones, but at least Webroot didn't do anything this shady.

That said, it does look like getting the tests they want will only help Webroot a little.


PS: re: how others game tests: Why would Microsoft even admit to cheating in detection tests if they didn't? Not to say testing well fair and square is impossible, but still.