Testing was performed on both Win 7 and 10 using IE11, Firefox 31.0, and MS Office. Windows Defender AV was tested stand-alone - it scored second from last place. It was additionally tested with custom Windows Defender Exploit Protection app settings for the browsers and MS Office applied, in which it scored in fourth place. The custom WDEG settings used are listed in section 10.1.4. https://www.mrg-effitas.com/wp-content/uploads/2018/05/MRG_Exploit_Protection.pdf
And the bets are open to understand which one is the product that wanted to be anonymous; my guess is Kaspersky.
I doubt it, my guess is Malwarebytes Endpoint Security. Kaspersky always do great on MRG Effitas (everywhere to be precise). https://www.mrg-effitas.com/wp-content/uploads/2014/03/MRG-Effitas-Real-World-Enterprise-Security-Exploit-Prevention-Test-February-2014.pdf
I guess it should also be noted that this was a Sophos sponsored test if anyone hasn't figured that out yet. Hence, the lack of "big-name" AV endpoint products. Looking at the individual tests, many look strikingly similar to those in the HMP-A test tool. I know my AV would have performed poorly against them with "out-of-the-box" default settings. Also my AV would require custom HIPS rules established which I presently use to block the HMP-A test tool exploits. This differs from the modified settings MRG deployed for the tested products which are in the form of enable/disable optional settings.
I think you may be right, because Malwarebytes always performs badly in these kinds of tests; they are probably tired of getting hammered. I really hope they will improve. However, it should have shined in this test since it has integrated MBAE. Same goes for Win Def Exploit Guard, which is based on EMET. The lack of big-name AVs is probably because most of them are not designed to block exploitation techniques. That's why Win Def shouldn't have been included. It's obvious that Sophos/HMPA monitors the most exploitation techniques, but other tools might still be able to block/detect malicious activities from malware that's running in memory. What surprised me is that Sophos missed the "detection of financial malware", which makes me think: just how good is this protection in HMPA truly?
BTW, I just read a report and it turns out that Malwarebytes is bigger than I thought in the enterprise security market. I would suggest to them to buy a company like enSilo or Endgame. This will give them the tech to finally perform well in AV testing, and of course I hope they will integrate some of this tech (machine learning/behavior blocking) into consumer versions.
Malwarebytes has already done that to some extent: https://www.zdnet.com/article/malwarebytes-acquires-italian-security-firm-saferbytes/ https://blog.malwarebytes.com/secur...d-machine-learning-will-impact-cybersecurity/
Second article is interesting, thanks. But clearly, current acquisitions didn't pay off, because in the last few years they always came up in last place in both consumer and corporate AV testing. It's best if they take over another company, if they have the cash. https://www.nsslabs.com/group-test/advanced-endpoint-protection-aep/