Of note is Eset's consumer products were the only ones to score 100% for DEP & ASLR for all to date tests performed i.e. 2014, 2015, and 2017.
It looks like more of a report on whether or not the vendors use DEP, ASLR, and SSL (for updates). As far as these products being able to "protect themselves" these things accomplish very little. It's better to have these things than not, but I think that this gives people a false impression about which products have better self defense than others.
I think the point being made is DEP and ASLR are basic protections offered by the Win OS. If AV vendors are not deploying those to protect their processes, other claimed self-protection methods are suspect. AV-Test did make a statement that they asked vendors who didn't score 100% in this area about their claimed self-protections and did not receive any response details on those.
Hm, I don't know how up to date this test is. Emsisoft offers their test version download over https and not http.
Nope it's the other way around. You can disable https (to examine network traffic) but it's enabled by default.
Yes, you're right. Download page is https but download itself came through http. In my case it was: http://dl.emsisoft.com/EmsisoftAntiMalwareSetup.exe
Any claims made should be suspect, regardless of DEP or ASLR status. That's what test are for, and I don't see any here. The vendor(s) that did not respond probably didn't want to bother commenting on a report that does nothing to demonstrate the effectiveness of generic OS protections. Plus any vendor that does have proprietary protections likely doesn't want to give away any info on what they are doing. Trade secrets and such.
This would be affirmative in my opinion.Although,these 2 technologies are around for quite a while and vendors should look for 100% implementation.
