MRG Flash Tests 2011

and thanks to LODBROK for the excellent summary.

 

Isn't Defensewall a user based decision HIPS?

I ask this because there are HIPS that rely a lot on user decisions (Which i like) and other that reduces pop ups with whitelist/blacklists/cloud etc.
But IMO if Defensewall is user based decision i guess it's not fair (Or any HIPS that is noisy would get 100% aka MD, OA set to max or Comodo set to max etc.)

 

DefenseWall is policy-based sandbox HIPS with whitelisting and an application firewall. Everything "untrusted" is isolated from the system. It requires little to no user interaction.

 

As G1111 said it involves little user interaction. In my experience with it the vast majority of the time you don't even know it is there.

 

Oops,

https://www.wilderssecurity.com/showpost.php?p=1906837&postcount=591

Based on the general results table that have been compiled from January to July, 2011 some conclusions may be drawn:

[1] - Avira, Avast!, G-Data, MSE, and even my beloved NOD32 are not that good against 0-Day threats.

[2] - McAfee sucks big time against 0-Day [unfortunately, it's the one run by our employer, VSE 8.7i ]

[3] - Noton and Kaspersky, both so much praised here miss many samples as well.




Carlos

 

Pretty awful results from most of the AVs. The lesson from this is that an AV should not be your sole or even primary method of security.

 

McAfee seems to be big in corporate and academic environments. The college I went to used McAfee.

 

Ontario (a province of Canada) government as well.

 

I think Dark Lord was referring to the July test results, which show a 100% pass, but when you look at the findings collectively since January, you get the percentages you mentioned.

 

You got the point my friend

 

Why was Defensewall tested but not SandboxIE?

 

I believe sandboxie won't be tested since by default it does not protect on anything. ( Unless you count the default browser shortcut)

Defensewall is very good I really like this noiseless approach

 

If that's the reason, then I wonder what Zemana AntiMalware is doing there.

If my memory still serves me well, it's simply a different name and a bit different GUI from Hitman Pro, and therefore an on-demand scanner. NO real-time protection. Unless the user scans the file, it's useless.

I guess this qualifies Sandboxie for the tests, no?

 

Good question there

But I think that's why they separate the category for hitman pro


I love to see a test on sandboxie, maybe they should make a new category

 

Then DefenseWall RULES if it requires no user interaction!

In my workplace they have like 2000 PC's and they all use McAfee Enterprise

 

The allegedly missed StartPage actually turned out to be a false positive and should not be detected. It's a tool for online development of distributed software. I've notified Sveta about this fault and asked to correct the results.
Edit: Sveta confirmed that we were delivered a wrong file. We'll check the correct one as soon as we receive it.

 

They don't need a new category. It's already there. The one where Zemana AntiMalware is.

If the tests have place for on-demand scanners, then they also have place for security applications that require the user to set them up or manually start them.

 

Indeed, Sandboxie could tie DefenseWall.

 

yes, but MRG stated that they test app with default setting, where HMP will suffice with that. but sandboxie in the other hand has many ways to set up and use, with almost no default set up (only a short cut for default browser)

I'm not arguing with you about sandboxie eligibility, it just with the current MRG rules I can't see where would it fit in. Personally I would love if MRG start testing sandboxie

agree

 

I wonder how KIS rather than KAV would fair,it has an hips module kav doesn't and I would lay odds that more people use the suite rather than the stand alone AV

 

New test results out:

MRG Flash Test 22/07/2011
http://malwareresearchgroup.com/2011/07/mrg-flash-test-22072011/

 

100% pass for avast! on the last four tests. Seems to be improving lately.

 

Yes, it would be great.

 

Avast!, Emsisoft, Malwarebytes

 

Norton not doing well lately. Congrats to Avast! Is that Avast Free?