Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. capatt

    capatt Registered Member

    Joined:
    Jan 23, 2007
    Posts:
    84
    The tester knew what he was doing. That's why he tested Prevx Edge without internet access, knowing in advance what the outcome would be. Viewers without knowledge of Prevx architecture would come away with a negative impression.
    No one would call Winpatrol or Defensewall an anti-virus.
     
  2. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    436
    Location:
    The Netherlands
    Exactly, and I don't think that's fair to Prevx. It's like testing what the fastest and safest webbrower would be.... on a computer with no internet connection...
     
  3. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    And he never showed his heuristics settings before the test. How do we know he didn't purposely dial them down low before the tests. But as has been pointed out. He did the test against Defensewall without even adding the samples to "untrusted" and he ran the same test against Winpatrol, which isn't even an antimalware detector so I echo Ilya's rating of his tests....0.

    I have used Edge since it was in Beta. I am more than happy with the job it has been doing for me. Often stopping stuff that just breezes by antivirus and antimalware detectors. It is one piece of security software that I just won't run my computer without.
     
  4. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    833
    I to stick up for edge..:thumb:
     
  5. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    I agree.. I think the new Prevx + CIS will be the ultimate security for a low price.
     
  6. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    I have a couple more questions about Prevx:

    1) Does it have some kind of attacks signature database? Kind of like an IDS?

    2) Does it whitelist government spyware? I'm not in any kind of trouble, but this is something I like to know if possible.
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello,
    We use many millions of signatures online as well as thousands of heuristic signatures, global analytical rules, and dozens of other analytical techniques all employed on our servers to analyze programs and their behavior. While we don't directly function like a network IDS, we look for exploit signatures similarly to an IDS within programs to identify malicious software.

    As far as I can tell, we do not whitelist government spyware. Actually, if the government was to try and use a targeted spyware attack against a small group of users, Edge would block it completely heuristically just because of it being a unique program with suspicious behavior appearing on a small number of systems :D
     
  8. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I agree :) There have been many tests which try and show our effectiveness when offline.... but that is conceptually not going to work with Prevx. Frankly, in probably 6 months, it won't work for any other antivirus product either - I wager that most products will be offering a majority of their protection from the cloud. It simply is not a viable option to try and have every single customer PC update once every 5 seconds to catch the newest malware.

    AVs currently pushing out updates at ~15 minute intervals are essentially requiring a constant internet connection as we do. Our whitelist is huge so you do not need a constant internet stream as we only have to scan unknown programs and a vast majority of all programs on every user's PC are known good and trusted.

    I think this tester is confusing Edge with an offline HIPS product. Sure, Edge could throw up a big "Block" popup every time a user tried to run a program or open a file.... but is that security? And, at what point do overly active HIPS products lose any benefit of security which they offer?
     
  9. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    there are alot of softwares that do exactly this, they block everything, show warnings for everything, detect everything and people call it proper protection and security.

    People look at these softwares, see that it detects and shows pop ups on their tests and then claim its the best,

    ..... its a shame. :rolleyes:

    that first line, says it perfectly... its almost word for word what drweb told me many many months ago when looking into the HIPS market.

    which is why edge is sooo much better, its more automatic, and how it should be, although im sure there is room for improvement. :D
     
  10. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    This is exactly what we realized as well. We had been focusing very extensively on classical client-side HIPS technology for the first products we developed but we have learned that this technique is a bit of a "dead end". Yes you can block 100% of malware, but also 100% of updates of good software, 100% of system components, and conveniently prevent 100% of usability in the system :D

    A standard AV is very silent compared to a HIPS product which is what makes it a viable component of security for the average user. However, every AV is conceptually flawed in the fact that it is reactive to new threats and immediately outdated the instant it updates. The challenge is then to find the happy medium between blocking every single program in the world and allowing every single program in the world to run without prompt. The average user (and by average I mean 99% of users) does not want to learn about security. The reason we have computers is to make our lives easier, not to create a steep learning curve where everyone has to learn what "dll injection" is to just stay safe! :D

    Tests like this latest one definitely do not help user education because they portray an ideal security product as one which can protect with no access to the internet and no updates.

    Without a community based solution, I honestly don't see how tackling today's threats can be done. Even us at Prevx, being AFAIK the first player in the "community" protection world working on our protection for ~8 years, have only just now started to really nail down all of the aspects of it and get a viable solution out that can be used by the masses.

    I think the road ahead will become quite rocky for many companies that are forced to stick to the status quo.
     
  11. Mosqu

    Mosqu Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    69
    Location:
    Germany
    Talking about beeing offline... Imagine: Visiting a friend, plugging in his infected usb-drive and your notebook has no internet access...

    So here is an idea: Add an option, that Edge blocks (or queries) the execution of any locally unknown executable while the internet is unavailable.

    That would keep me always safe, and I'm not left alone by my favorite security application.

    What do you think about that?
     
  12. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello,
    We are working on something very similar to this :) We will be locking down various areas of the system when offline and showing a not-so-threatening prompt when opening a program.

    As Windows doesn't give you a prompt to not run a program when inserting a USB key, we think this would be a useful addition when offline.
     
  13. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    It's sad really that Prevx has been 'shown' to be poor on the basis of flawed testing methodology for as long as it's existed.To quantify it without taking into consideration its most important facet,the community/cloud-based protection is frankly meaningless and reflects badly upon the so-called tester.:rolleyes:
     
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Watching B-Rated movies like that, one would think would be above the intelligence or curiousity level, of most here. It isnt about just Prevx. Take DefenseWall. He tested it totally incorrectly for what the program was intended.

    Are we that hungry for positive and/or negative results on products we like and dislike. How can you rate a person like that, over some of the most astute people in the field of security that are members here.

    I dont know. I guess that is just the way it is.
     
  15. Mosqu

    Mosqu Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    69
    Location:
    Germany
    That's good. :thumb:
     
  16. s4u

    s4u Registered Member

    Joined:
    Oct 24, 2007
    Posts:
    441
    Finally have Prevx Edge installed. Running some tests here with Avira v9 beta.
    First impression is great. Running smooth together
     
  17. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Just renewed my PX 2 license, file verifying after a full scan is kinda long n the noise coming from my silent samsung hd during the scan wasnt pleasant but considering the techno. n support am a happy camper.

    I got a Edge 20% discount code, am i allowed to share it amongst friends?
     
  18. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It depends where you got the discount code from but in most cases, I don't think we're going to intentionally prevent you from using it :)

    Also, if interested, you can upgrade from Prevx2 to Edge for free :)
     
  19. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
     
  20. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
     
  21. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
     
  22. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It's a relatively intricate issue and at this point we're recommending that anyone with the problem just upgrade to Edge (however in your case that isn't exactly possible at the moment).

    IMO it might be best if you just try uninstalling and reinstalling fresh again - that tends to work for most users who come across this issue.
     
  23. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Upgrading or reinstalling isnt exactely the way to professionaly deal with bugs, just my 2 cents

    Havtn run PX in w while but it's fun coming back to be a low priority user again ;)
     
  24. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    You actually mean you have some.;)

    Prevx 2 is dead. Move up man, move up.:)
     
  25. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
    As a software developer of a product that has been scanned and found to be clean by every service which has tested it, I have to wonder on what basis prevx-csi labels it as possible malware? Is there, in fact, some actual testing you have done which has shown it to be malware, or do you just label everything/anything you're not sure of as possible malware?

    If the former, please contact me and let me know what tests were run. If the latter, shame on you.

    Berry Taylor
    NoteFrog.com
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.