https://www.av-test.org/fileadmin/pdf/reports/AV-TEST_Kaspersky_Ransomware_Test_September_2021_EN.pdf source
literally under the title: "The test was commissioned by Kaspersky and conducted by AV-TEST GmbH. All rights to the test results and the report belong to Kaspersky"
If Kaspersky sponsored this, it is the equivalent of companies paying another company to evaluate a product or service and this happens a lot in the real world. So conflicts of interests abound...
Personally, when I see this kind of commissioned test, I sometimes prefer to focus on the one that got second place.
If one vendor got 86% in one of the tests Kaspersky getting 100% is definitly not out of "not cheated in any way" territory. Plus this is the only av-test that doesn't show all vendors with 99% protection rate, so it is actually useful. We need more tests like this. This is actually the only av-test worth looking at, av-test's normal tests are useless cuz they all say 99% or stuff like that, cruelsister been saying it for long time that they're useless cuz everyone gets high scores cuz they scan easy files or old files. Even if you take kaspersky's results with a grain of salt, the results of the other programs should not be modified. At the very least they should be with default settings, but i highly doubt Kasperksy went on and just used the worst settings, after all, AV-TEST is not just gonna stand there and look while the kaspersky guy is setting the worst settings for the other programs... So while Kaspersky may have inflated its score (although again if someone else got 86% kaspersky getting 100% legitimately is not unreasonable at all), at least we know the scores of the other programs are correct. Also i think avast is missing because its hardened mode would slaughter ransomware. Keep in mind the Enterprise version of many vendors is the same as the home version with maybe more indepth firewall scanning and ofc all the enterprise tools like cloud management remote management control panel etc. etc. but the protection stuff is usually the same as in the home version aka nothing new is added altho for some it is. Bitdefender getting 36% is not surprising at all if we judge by that Kaspersky vs Bitdefender video in youtube where kaspersky with just 1 component has 100% protection rate while bitdefender with ALL its components still misses 1 sample out of like 60 smth. I don't know about the other AVs but chances are they used default settings but ESET failing with 0% is quite disappointing if there isn't smth that isn't turned on by default that would make all the difference (like avast's hardened mode would). Also Microsoft with Configure Defender should definitely get higher score, i think. Pretty much the only think that bypasses it is Trusted Stuff, but it's not easy to get such trusted certificate for malware. But ofc i highly doubt they applied SRPs and all the other stuff from Configure Defender for testing Microsoft. @Triple Helix Webroot 0% ~ Off Topic Video Removed ~
McAfee Endpoint is the best but it's hardest to configure. Took 2 weeks to learn to configure it for my likings. The best, effective EDR solution i've used.
LOL, I also didn't even notice that it was sponsored by Kaspersky. However, this doesn't mean that the test results are bogus. Good to see that almost all tools had no problems with blocking real life ransomware samples. I'm not sure what to think about the proof of concept ransomware test, I assume these were simulators. But the question is, why did so many tools have difficulty protecting remote shared folders? Hopefully they will be able to improve this. Especially from Sophos I expected more, because it's based on HMPA's CryptoGuard.
Prob because they were either very simple malware or just already marked as malware by signature Yeah the last one's weird. I never used remote folders so i can't comment. But on that test specifically, i'm sure kaspersky adjusted their program beforehand to block em.
I don't think these samples were simple or anything, they probaly got caught by the cloud scanners that almost all AV's are using nowadays. And Kaspersky simply knew that it would nail this test, while others would fail, nothing wrong with that. Like I said, they did sponsor this test but that doesn't mean those results weren't real. Makes me think about years ago when SurfRight released a sponsored test where HitmanPro.Alert performed way better than other anti-exploit tools. But then Malwarebytes striked back with another report where MBAE performed better LOL.
Yeah people are wondering if "this test is real". This is the only real test we've seen from av-test in a long time. What's the point of comparing AVs if they all say 6/6 or 5.5/6? Such a flawed useless metholodology. Turn off the cloud scanning and stuff like that and only then you can test how much it protects. Or try to calculate TTD as cruelsister said it, time to detection of a file.
Yes exactly, finally a test where everything is explained clearly how things are tested, similar to testing done by MRG Effitas. I hate it when they don't disclose what type of malware was tested and which samples AV's failed to block.
MRG Effitas is jsut as trash https://www.mrg-effitas.com/wp-content/uploads/2021/08/MRG_Effitas_360_Q2_2021.pdf Everyone getting 99% and 100%, no conclusions at all other than Malwarebytes and Trend Micro are trash (or not configured properly, or bad default configuration) Also u can tell the amount of tests they used by the number. In the exploit/fileless test, they go by 12.50%, so they used exactly 8 samples. Well it's possibly th ey used any number of 8, like 16 24 32 but that's extremely unlikely because there's not even one 6.25% test. So they used 8 samples. And then on the false positives they used 1000 (again extremely likely) because of the lowest number being 0.10%. So other than Trend Micro sucking and Malwarebytes ironically cuz of MBAE with its exploit protection missing everything, there is no other conclusion u can get from their testing because just like all the other testing labs EVERYTHING IS AT 99 or 100%!!!!!!!!!!! What is this the point of this useless test!!!!!!!!
I have to disagree with you on this one. To me it's not about AV's getting the same protection score, to me it's about clearly explaining how things were tested and what malware was used. They always explain things clearly, for example in this test they used 360 malware samples, 18 PUA samples, 12 financial malware samples, 51 ransomware samples and 8 exploits. They also used a banking trojan simulator which is based on a malicious browser extension, which is not often seen in real life, so I believe they should stop doing this. They also used a ransomware simulator, I suppose this is using new file encryption techniques, similar to the one in the Kaspersky sponsored AV-TEST. And they even clearly explain what type of exploits were used, so what's not to like about this test.
pff i think u'd be surprised what kind of crap people install https://www.aivanet.com/wp-content/uploads/2013/12/internet-explorer-toolbar-overload.jpg Well i don't like that all the products have perfect or near perfect score, it means the testing is weak as it cannot pressure the antiviruses to show which one is actually better. It's like u test 10 formula 1 cars but they can only go up to 60 km/h and u're like "oh wow they all get to 60 km/h in X seconds wow they're all amazing for driving highly recommended!!!! " But yeah i like that they say the samples. Would be nice if u could download em too, for full transparency.
It's not surprising that most AV's get the same protection score, it's because most AV's have got no difficulty blocking 99% of all ''in the wild'' malware. So I don't see why you wouldn't trust a test that shows you these kind of results. Also, I don't believe that hackers are making use of malicious extensions to hijack online banking, AFAIK they still make use of banking trojans. Correction, I just did a search, and turns out that malicious extensions have been used in attacks, what the hell? https://threatpost.com/google-removes-chrome-extension-used-in-banking-fraud/127469/ https://www.zscaler.fr/blogs/securi...steals-cookies-and-credentials-bank-customers