Bluepoint 70 Threat Challenge - any comments?

I actually like the idea behind this live testing,I'd like to see something similar from a neutral organisation such as AV-C.

 

comodo is perfect 100% oops missed 2 haha

 

At least they fixed the charts.. "Unique Infections" - how can anyone verify that?

 

Interesting, have G-Data been tested before? xD

 

BluePoint Security 2010
Total Unique Infections: 0

 

Those results just continue to trash the test. And thats ashame as I to like this type of test.

Looks like your avatar may need some updating.

 

Yes,the very fact that they're able to state number of infections for rival products demonstrates prior knowledge of all the malware.

 

Avatar updated

BTW I am Waiting for...
BluePoint Security 2010
Total Unique Infections: 1

 

I am waiting for it to infect itself.

 

I think that did happen before, but they've resetted the virtual machines multiple times to "compare" against new products. Maybe it was tested too much

They've "failed" quite a few other products though, for various reasons. Examples include: MSE, AVG, Avast, Avira, Trend Micro, Kaspersky, ESET, Mcafee etc.

 

Bluepoint is an anti-executable with whitelisting, not a traditional AV program. Considering that the testing methodology consists of downloading executables and attempting to execute them, barring a piece of malware that exploits a vulnerability in BPS itself (TOCTTOU perhaps) a 100% result is to be expected.

In no way does the exceptional performance of BPS "trash" this test. In fact, the validity of the results are well supported by Comodo's performance, as the Comodo sandbox is decent at preventing permanent changes to the system, as shown by its near-perfect result. From what I can gather from a brief look at the comments on the BPS test page, the infections of the Comodo VM were caused by the Comodo sandbox not sandboxing scripts. I expect that if Comodo were tested without the sandbox and with a properly configured Defense+, it would also receive a 100%.

Same with any other anti-executable, although I do not expect Bluepoint to test one as that would detract from the image they are trying to cultivate around their product. If we are lucky, they might test Online Armor which should return a 100% result as well due to its anti-executable functionality.

As raven said,

This test is useful, however, at reinforcing the point that any blacklisting based approach, even an advanced one such as Prevx, will always be inferior to a whitelisting performed by a knowledgable user.

 

and where are clean files to test FPs?

 

BTDTGTTS

See: https://www.wilderssecurity.com/showpost.php?p=1673460&postcount=10

 

this test is not fair you can't test together security suites with hips and antivirus software......... bluepoint must test only norton suite comodo suite and other complete suites. and show how react this suitesk, because there are three levels of protection detection prevention and disinfection. to ask the user
if he want execute something is not detection...... after this question begins the detection.......

 

Panda has really climbed. At this rate you would have to say it suceeded compared to crap the others did.

 

Yeah, their detections have improved a lot!! Or is it that it have always been very good? Since they were not tested frequently before but now they're performing very good

 

guess this thread is proof-positive that their marketing works...hahahaha

 

What do you mean?
Others AV are doing good, and we know (According to some members) bluepoint has some kind of whitelist that's why it never gets infected and not because they have bullet proof signature/heuristics

 

Their whitelist works pretty good. The problem is that their isn't much on it. Bluepoint recognizes very few programs. I used it for a while but it just got too annoying.

 

You are spot on here...

Code has been added in CIS 2011 (ver 5) to deal with scripts. But lets be thankful CIS has buffer overflow protection

 

What does that have to do with anything?? you don't have to have a buffer overflow to run a script...

 

Looks like the revolution is offline for quit some time now, or is it started without me

 

Bluepoint had shown 2 infections yesterday via the video feed, yet the statistics remained 100%. Now Bluepoint's VM is down for maintenance. Strange, or is it just me?

 

Nah, those are just 'Unique Disappearances'

 

Makes perfect sense!