Introducing, The New Prevx Edge.

I didn't thought about this, but you are completely right!!!

This is even worst!

 

Quite a few:
"McAfee Total Protection 2009"
"BitDefender Total Security 2009"
CA - "Total Protection Internet Security Suite" (http://shop.ca.com/malware/internet_security_suite.aspx)

and those are just in the product names. Total = complete = 100% = "you don't need anything else".

I disagree - our statistics are based on real world data, unlike many other AV tests which are based on old samples or samples not actually affecting users.

This is true in > 99.999% of cases, so yes it does. Even if you were to apply a monumental false positive rate of 1% in this data, the statistics would remain the same. To put a 1% false positive rate into perspective, we scan about 30,000 files on each PC so we would be detecting 300 files on every PC as malicious. Or, on the other side, of our 6,000,000 users, 60,000 would be complaining of false positives.

And note: the charts are based on the data for THAT DAY - threats seen within the last 24 hour window, so 1% would be 1% per day, meaning 60,000 new people complaining every 24 hours... I suspect we would have been out of business years ago

Yes it is - and we clearly state this in our EULA and privacy terms. The information about what security product the user is using is very important to gauge our detection. For instance, if the user does not have any other security product installed, we automatically apply stronger heuristics as the user statistically has more of a chance of already being infected.

The existence of a threat on a PC secured by that AV is proof that it is infected.

I'm surprised at the sudden "outrage" against these statistics but I think it would be worth interpreting them for what they are, and feel free to look through the filenames and information shown to see if there is anything which looks misleading. The simple fact is that we have found infections on these PCs and there really isn't any further way of interpreting it. No solution is 100% and we're trying to help convey that.

 

I cant see what the problem is. The chart makes perfect sense to me and is not misleading in any way.

There is even an explanation there:

"The Security Vendor chart displayed above shows, in simple terms, a total count of malicious programs found yesterday by Prevx products on PCs protected by security products supplied by each of the vendors shown.

You should expect to see a higher number against the more popular security vendors because we see more of these users and consequently a higher number of malware infections."

They are simply stating facts and go to the trouble of explaining them in detail.

I cant see how anyone could have an isssue with this or fail to understand it - unless they have a hidden agenda?

It seems to me there are too many people in the business who dont like being confronted with facts and resort to accusations and insults when these facts dont fit with what they want.

 

OK, I admit, I work for all the companies on the chart!!! Do me a favor...

I already explain, and very well, what is the issue and also make a constructive feedback on that.
I know my English isn't the best, but you can make a small effort and read it again...

 

You are just playing word games. The same rubbishing of your own words is no more difficult for others to achieve, you know.

And so are many other statistics (based on real world data, that is). That doesn't make them right, and they are often - when they are used for marketing purposes, like yours, they are in fact nearly always - misleading. Intentionally so. It is how statistics are presented which gives them credibility and/or relevance, or conversely makes them as misleading as yours are. Often is it what is not said that is the most important. In your case you do not make it clear, for instance, that you are quite unable, in truth, to anywhere near prove that the threats were 'missed' by the stated security products. There are lots of reasons whey you can't prove it, such as other products not actually catching purported threats until the executable parts of them actually try to run, or whether indeed the threats you talk about are indeed 'threats': other vendors (and users) may feel what you are classifying a threat is wrong. Witness users here, even, criticising your detection of many of the NirSoft utilities. Also, just because your product sees the threat before another product does not necessarily maen the other product missed it: it may just be as simple as your product scanning the file(s) first. Indeed, in situations where your product was installed after another on a particular system may well just about guarantee that, completely undermining your statistics. I could go on.[/QUOTE]

Hiding behind an EULA is hardly a professional defence, and in no way make it right. I hope you are confident that you are complying with laws and respecting users privacy, because it is you that will suffer if you're not.

And it could also be written as "The existence of a threat on a PC secured by PrevX is proof that it is infected". My statement is as true as yours.

... and that is the most worrying thing of all. A vendor who sees its own marketing as 'the truth' and is shocked at people's responses is a vendor about to lose credibility and trust.

All in all, this feigned altruism of yours is really nothing more than a marketing attempt to rubbish the competition. If you consider your tactics while you've got the chance, you might make decisions that prevent you marching into very deep, hot water when one or more of your competitors hits back hard, especially when those competitors have a lot more resources than you do. Would it not be better to focus on how good you believe your product to be (and I do happen to think you have a good product) rather than how bad your competition is.

 

Im sorry, really dont see your point or understand the isssue you have. I see some basic and true information clearly explained on a website and thats it.

Probably best to leave it at that.

 

We try as best as we can to convey a humble tone when talking about our products - could you please let me know what words you are referring to so that we can modify them?

This is a fair point, and we have spent considerable effort deciding how to portray our statistics. What do you suggest we do to improve the legitimacy of our statistics? To raise a point made earlier in the thread - showing the statistics alongside the size of the userbases is not an effective means of improving the legitimacy, rather, it obscures the data more. Currently we are showing raw data - literally the raw numbers of infections seen. If we were to take userbase size into consideration, it would obscure and pollute the statistics. For instance, lets say fictional company X has 4 users and two of them have infections which we detect on their machine. It would look like company X is terrible as 50% of their users are infected. Alternatively, our logic of showing the number of infections would show 2 infected PCs, which is far less fear inducing and more logical to interpret. Again, we aren't trying to put product A against product B, we're trying to put products A and B against the threats.

Very good point to bring up - on VirusTotal, most of the NirSoft utilities are found by more than 20 vendors. However, today, we have taken the most recent versions of the NirSoft utilities and are now not detecting them anymore, even though most AVs are, as they aren't malicious by themselves.

I don't think this is the case. A majority of our users come to our website by searching for a filename which they found on their system where they suspect it is infected. They then download our scanner to detect the file - if the file was indeed blocked/cleaned by another AV, this would not be the case. Also, and most importantly, we focus on real threats, not dormant files on the disk. Therefore, for us to find a file, it either needs to be hidden by a rootkit, have the ability to load on the next bootup, or be active in the system currently. The reported results online come only from the on-demand scanner and do not include realtime results so in the event that Prevx 3.0 identifies a file before the user's other AV and that AV would still have blocked it, it would not be counted down.

If you could please elaborate on other potential problems, I would like to see if we have solutions for them in place already or if we can do anything to implement them.

We have contracts with many large corporations where privacy is a top priority. All of our code and storage is in line with the latest data protection acts and we are fully compliant throughout.

Indeed that is true, assuming the threat is actually infecting the system as it would be in order for us to detect it. Scanning a malware collection of x thousand files does not count against the scores unless those samples were actually active in the system.

The problem is that the data is true. We aren't obscuring it in any way and we are reporting exactly what we are seeing.

Thank you for the compliment, and I do not feel that we are trying to "rubbish the competition". Frankly, it is a great way to see what product works best alongside Prevx. We've always made a strong point that incremental protection is the best idea for security - we <recommend> using other vendors alongside us and we've explicitly developed our products to work alongside them. If we were trying to bash the competition, we would offer competitive upgrades and show a ranking of how terrible every AV is, rather, we're showing that AVs are missing threats which we would have blocked. You can keep using your AV, but why not put us alongside, knowing there is a tangible benefit in doing so?

 

Although I agree with you, and I'm on your side, this statement:

..is flawed, as indicated by the fact the results are dependant on numbers of users using anti virus X or Y.

Your statement is like saying, use whatever missed the least alongside Prevx, even though in all likely hood, the only indicator here is that a low amount of people use anti virus X or Y alongside prevx.

So to summarize, the statistics on the Home page are in no way an indicator of what works best with Prevx.

 

Actually I look at it in the opposite way - the products missing more threats would be better paired with Prevx as we cover more of the gap to hopefully reach as close as possible to 100%. Granted, the counts are affected by userbase but that is just because we see more data from more PCs using both products - the count is of the number of actual infections, not infected users.

 

I agree 100%. The chart is easy to understand, & certainly wouldn't mislead anyone who (a) finished at least 3rd grade & (b) doesn't have an ax to grind.

Security programs that claim to offer "Total Protection" are engaging in puffery. There is (as yet) NO "total" protection.

 

Thanks, if you had not done this I would have understood but I appreciate that you were open-minded enough to reconsider how Prevx views Nirsoft utilities.

 

It seems you have some problem to understand what others say, because of something that you already mention...

PrevxHelp understand what I said, but didn't agree because he/she have a different opinion and/or works for Prevx, and I just have to accept that, except with his/her non sense justification about what the others do or not...

 

sheesh. all of this back and forth. knida makes me glad i'm not bright enough to perform this very thorough marketing analysis and articulating. i bought and use P3 because it works, and works better with less bother than any other AM, AV i have used. not because of it's marketing prose/charts. silly me.


Mike

 

PrevxHelp, I believe this is a classic “red herring.” No major security vendor of which I am aware claims that they offer “100% protection” against all threats. Therefore, the rationale for showing the raw data about “threats missed” is absent.

Contrary to your assertion, "McAfee Total Protection 2009" and "BitDefender Total Security 2009" do not claim to provide complete protection against all threats. The use of the word “total” in this context is obviously intended to mean “comprehensive” (i.e., including anti-virus, firewall, parental controls and backup capabilities). If you have evidence to the contrary, please do cite it.

No one other than an extremely naïve user would believe that any security product provides complete protection, whether or not the product overtly makes that claim. I really don’t think that Prevx needs to fight this fictitious battle.

PrevxHelp, I am glad you asked.

• Add to the “Explain this chart” statements that (1) the “missed threats” statistics do not allow a reader to make an informed performance comparison between anti-virus vendors; that (2) Prevx also misses threats that the competition does not, to an extent that may be less, the same or more than others; (3) that the “missed threats” statistics are really “missed malicious files” and, as a consequence of the fact that a single malware infestation most likely encompasses multiple files, the malware risk is overstated; and (4) that no inferences may be made from these statistics, because they are not based on a random sample of the users of any of the companies.
• Present the “missed threat” statistics by product (e.g., “Kaspersky Internet Security” or “Kaspersky Anti-Virus”) rather than by vendor (“Kaspersky”), since consumers use products and not “vendors.”
• Report "missed threats" by the threat level (low, medium, high).
• For each “missed threats” statistic reported, display the associated count of the number of PCs scanned.

I also recommend the display of a bit more humility. For example, edit the statement on your home webpage "Every day, popular security products are missing thousands of infections" to "Every day, popular security products -- including Prevx -- are missing thousands of infections."

Hopefully, you will find these recommendations to be beneficial.

PrevxHelp, if a PC is protected by both Kaspersky Anti-Virus and ZoneAlarm firewall (for example) and Prevx detects a threat, then Prevx claims that Kaspersky has failed, even though the “fault” may reside with the firewall (i.e., with the intrusion prevention capability). Therefore, your logic appears suspect, unless the user is running an integrated security suite (e.g., “Kaspersky Internet Security”). Spm in post #4007 also notes other difficulties with your argument, too.

For more information about privacy considerations with Prevx, please see this thread.

* * * * * * * * * * * * * * * * * * * *​

PrevxHelp, if Prevx has absolutely no intention of modifying its perspective on the issue of the “missed threats” statistics on the company’s home webpage, please let us all know. We can "agree to disagree" and move on. Thank you.

 

And that my friend is really, all, that, matters.

 

I do love this sort of situations... How so? Because, then, there I come in and reveal the true stage:

Quote from http://www.bitdefender.com/PRODUCT-2214-en--BitDefender-Total-Security-2009.html

For me "all" is the whole and not just the part.

The McAfee and CA products mentioned here do not state they protectsagainst all threats. http://uk.mcafee.com/root/offer/def...ame=offer_12503.asp&qty=1&pfid=&bburl=&rd_cd=






Regards

 

Lol, actually I think we covered this on page 12, or was it 23, or was it 36.

 

Opinion is divided and I dont think there is any realistic chance of everyone being happy or us all finding common ground.

This has always been a constructive thread so lets just agree to disagree and move on.

Puss

 

I disagree - if interpreted that way, it would be more accurate to have their product named "McAfee Multi-Component 2009". Kaspersky and other vendors take the much smarter and more legitimate approach by naming their product "Internet Security". If you walk up to a number of random, non-security oriented, people on the street and ask them if they want "Internet Security" or "Total Protection" and ask why, I suspect they are going to choose "Total Protection" far more often because they think it will provide... total protection, and to the average user, that means it is going to protect against everything. McAfee has the tagline:

"Easy-to-use, all-you-need, auto-updating PC and Internet security!"[/B] (http://home.mcafee.com/AdviceCenter/Default.aspx?id=ad_cybercrime_OnlineThreat2009)

Note: "all-you-need", so apparently the 3,717 infections they missed today which we found don't matter . Clearly this line is furthering the deception of "Total Protection", and then ironically right next to it they have a virus removal service for-pay... shouldn't "Total Protection" have prevented any threats from entering?

You would be surprised and you clearly haven't spent time in an antivirus customer support inbox The volume of users coming in on a daily basis in shock as to why their existing security product let a threat in which we found is staggering. Users tend to not pay for ineffective solutions, which is why we sell a guaranteed cleanup service - something with tangible, immediate benefit. Most of our users buy that and then add on realtime protection to get all of the benefits. The average user doesn't go shopping around online and picking random new AVs just to try out unless they have a reason - which is most likely the suspicion of something going wrong with their computer. Additionally, we recommend that if they want added protection, they should layer their security with another product as well because no solution is perfect. I've personally written these messages dozens of times to customers and you'd be surprised how many people had no idea their antivirus software was fallible until it was "too late".

As for the opposite case where a user of Prevx would go to another vendor for help - they wouldn't and don't. We do get users coming in periodically complaining that we didn't fully remove an infection or that something got past. We then fix their computer by adding signatures, improving the engine, or assisting them remotely and if for some reason none of these succeed, we will issue a refund. I don't think we have ever been unsuccessful in cleaning a PC - the only time I'm aware of when this won't work is when it is taking far too long to clean the PC (usually 4+ hours is the cutoff). Contrast this with other vendors that charge per-incident and you can see why users get aggravated.

We aren't trying to make a comparison and no where do we state that we are... should we also add a disclaimer that the statistics don't predict lottery numbers or cure infectious diseases?

This can be inferred from "Current security products are failing..." We are failing as well, assuming that everyone's goal is to protect against 100% of threats and we are a current security product.

It is generally not - each of the components are almost always individually malicious, otherwise there would be no reason to detect them. We don't detect side-effect files like shortcuts/dropped data files as individually malicious so this is avoided. In most cases, you can take a component of an infection and place it on another system without the rest of the infection and it will work quite well by itself, so, each component should be counted individually. Additionally, if we were to adjust the count to reflect this, as unless an infection completely removes all components of the threat - a combination of malicious files - we would have to count it as missing the entire threat, so a single file trace would cause an entire threat to be counted as missed.

This can also be inferred: "found yesterday by Prevx products" - obviously Prevx products aren't installed on every PC in the world (yet ) so it would be illogical to expect this to be a perfect random sampling from a vendor.

There are more than 4,500 different antivirus vendor + product + version entries in our database which we "dilute" down to this list. At some point we have to cut it off and we can only display so much information at once. If the user is using a product by X AV company, they are expecting it to protect their system regardless of if they are using the fanciest, most feature-full version. Therefore, if a threat exists on a system where a product from that company exists, we log it against the company because in the end, the company created that product to secure the user's PC and it didn't.

The levels are dynamic and change depending on the number of users seeing an individual threat. We may be able to do this, but I suspect the overhead would be too great to re-query the current status of every threat found every time someone loaded the page.

This is falling outside the scope of the intent of the chart - the chart is made to show the number of threats found and is not made to interpret the data any further, otherwise we risk obscuring/polluting the data.

We would do that, but it is redundant "Every day, popular security products -- including a popular security product -- are missing thousands of infections." We don't exclude ourselves from the classification, otherwise we would be saying: "Every day, all other security products are missing thousands of infections".

If the threat got past the firewall and past Kaspersky, then indeed it was Kaspersky which failed. If I lock my doors and a convict escapes from prison and breaks into my house, both the prison gates and my locked doors failed. If every user of X antivirus also uses Y firewall and Y firewall provides a tangible benefit to security, we would logically expect X antivirus' scores alone to be lower alone so by not differentiating within the chart when X antivirus being the ONLY line of defense, we are improving the scores of X antivirus if the user is using other security products which caught threats that X antivirus missed.

We honestly consider every suggestion made, but we have yet to see an actual point in need of changing.

 

and double ditto....

 

I very much appreciate the extra layer of protection that Prevx 3 provides on top of my conventional security suite. It's a first-rate security product that well deserves its recent accolade from PC Mag. So, I wouldn't align myself with Pleonasm et al, whose criticisms you've answered very patiently.

It is, however, fair to say that the current Prevx home page emphasizes negative points about other products. Three headings that stand out are "Current security products are failing", "Threats missed by other security vendors" and "Latest threats bypassed by other security vendors". In crude terms, it does look like you're trying to sell your product by slagging off your competitors.

The PC Mag award should encourage you to promote Prevx in a more positive way. You're not just filling holes in other firm's AV protection: your cloud-based protection may well be the only way to deal with the exponential growth of malware that is likely to overwhelm conventional signature-based AV protection within a few years. Prevx won't just protect your users today but for many years in the future.

Perhaps, then, it's not the individual companies that you should single out in your barchart but the outdated technology that (I'm guessing) is common to all of them.

 

false one, have look, thanks
Prevx Scan Log - Version v3.0.1.65
Log Generated: 22/5/2009 08:57, Type: 1,8192
Windows XP Home Service Pack 3 (Build 2600) 32bit|1043
Some non-malicious files are not included in this log.
Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1)
Last Scan: Fri 2009-05-22 08:57:24 Romance (zomertijd). Number of Scans: 117. Last Scan Duration: 1 minute 55 seconds.
c:\documents and settings\hoofdaccount\bureaublad\setupanydvd6553.exe [PX5: 9A5CBDD360AE1FEB107A48669C68BE008242765F] Malware Group: Medium Risk Malware

 

Covered, uncovered, covered, uncovered.....it's that 'beating a dead horse' thing.
I wonder if those who wish to argue about silly things, are the ones who's using the AV's that allow Prevx to shine?
I use it, love it, and will promote it!!

 

Fixed Thanks!

 

I agree, although it is hard to convey a point to users if we don't describe it in non-technical terms and with the way we have it structured now, we are able to break down the actual data to support our claims.

Also, if anyone is bothered by the vendor graphs, feel free to visit this alternate version of our website:

http://www.prevx.com/default.asp?hidethetruth=y