Whither Testing PrevX ??

At the risk of being repetitive? Man, that ship sailed a long, long time ago.

 

here you go: I was mistaken and it wasnt on the VB website, but the Viruslist website instead.... i still found it though

Do not be fooled by such tests in the past, they were utter tripe and the results published were as false as one could make them.

there will be an argument that 'its still better to detect', but these tactics used have been purely to detect-well in these tests, they help sales, everyone goes home happy.

but when actual protection is needed, alot of these AV's fail...

People are soooo-easy to manipulate if information is posted in a professional manner, from so-called professional testers on a ('repected'?) website,

alot of fools.

however - dynamic testing has begun, and we shall see how things now go.

 

Thank you all for the kind words! We are honored to be among the few products who have achieved Platinum status within WestCoastLabs and hope to continue our relationship with them to include new and exciting features into the testing mix

Although all of the results are not made public to all users, relevant parties know the strength of the Prevx solution. To quote the WestCoastLabs article:

A comparison of Prevx versus virtually every other security product lends quite a lot of support to our claims as well: http://www.raymond.cc/blog/archives...age-antivirus-and-internet-security-for-2010/

And for links of other reviews of Prevx, it would be worth taking a look at: https://www.wilderssecurity.com/showthread.php?t=244969

WestCoastLabs is one of the oldest and most trusted antivirus testing organizations, and I believe the only one which is accredited internationally as a scientific testing lab. WestCoastLabs' dynamic/realtime testing is of significant value to us - they have a worldwide network of honeypots and users collecting samples which are thrown against the leading AV engines, including Prevx, on a 24/7 basis. This gives us a very precise indication of the strength of our technology and because of our Platinum status with WCL, we currently don't see the need to add more "badges onto our vest" for AV testing. We've proven our effectiveness and will continue to up the game with antimalware protection. We conceptually do not agree with AV tests that show products achieving 99+% detection rates as that is obviously not representative of real world performance, so until we see other tests which are mutually beneficial and can accurately represent the strengths and weaknesses of the products being tested, I don't see us using a few of the other testing organizations.

 

What about the Whole Product Dynamic Test by av-comparatives?

I think it is quite good and i would be pleased to see PrevX there.

 

When is the certification logo going on the PrevX website.

 

Thank you for providing this information.

Yes, I remember seeing an article about that same issue. Please note, however, that the problem being described applies primarily to static on-demand tests. The new whole-product dynamic testing methods conducted by organizations such as AV-Comparatives and AV-Test are considerably more “real” and seek to more closely mimic the actual experiences of users. As the article says:

This isn’t a recommendation to abandon testing of anti-malware products, nor is it a condemnation of the testing organizations -- rather, it is advocating improved testing methodologies, a position that I personally believe is well founded.

I completely agree with your conclusion: “Do not be fooled by such {static on-demand} tests in the past, they were utter tripe and the results published were as false as one could make them.” The new class of whole-product dynamic testing methods, however, change the game and better answer the question that is really of interest to many users: “How well will a specific anti-malware product actually protect me?”

 

Yes, it does seems that a consensus is developing: the old, static on-demand testing methods fail to accurately represent the protection provided by an anti-malware product. However, the impressive whole-product dynamic testing methods recently employed by AV-Comparatives and AV-Test do seem to be highly “representative of real world performance.” AV-Test, for example, exposed an Internet connected PC (protected by one of the products being evaluated) to 10 malware threats per day for 60 days and measured the threats blocked. Of course, every test has limitations, but this seems to be an excellent method for assessing “real world performance.”

Question: Why doesn’t Prevx consider this approach to be “representative of real world performance”?

Thank you.

P.S.: I’ll take a closer look at all the links you provided.

 

yes, your right it IS about static detections,

however, these tests went on for YEARS, people believed the crap and believed their product was the best etc.

so, why would someone now trust their new methods?

its fine to say, its now Dynamic Testing, but I aint convinced in Av-Comparatives ability to test against Malware, regardless if to wilders - they are gods in the industry.

in the end, the public trust such websites and its all been falsely played, i feel sorry for people who have relied on them to purchase a product, or to at least 'push-them-in-the-right-direction', it shows for YEARS, they have printed such rubbish, such lies, and products have claimed awards falsely,

... im sure its all a big joke, as long as the testers get recognition and as long as players of this game get their awards and recommendations, everyone goes home happy (except the paying customer)

I do like to test my securitys against new samples, but my PC is extremely hard to infect with Prevx on High/Med/Med,

sure, some new files get through, but as soon as they start doing something, prevx stops it.

and a simple 'scan my computer' quick scan, shows the infections.

edit:

5 minutes later, scan shows some new detections:

this is why Prevx is sooo hard to test against, its ever-working, ever-mutating to find those infections.

id like to say, that once again, i see nothing on my machine that would lead me to believe i am infected.

 

on another note, after my latest testing, i did get the following:



now, these were zero day samples and prevx seems to have kept me infection-free which is beyond all expectations.

however, this screenshot ive produced does puzzle me, its a full system scan without smart scanning and 0 new threats detected. (and yes, ive tried Max/Max/Max on my settings too)

however, Hitman Pro says 2 detections and the most puzzling part is Prevx is one of the engines to detect it in HMP.

not too bothered, just curious why this would happen?

no extra running processes, no pop ups, nothing i can see, infact PC just seems as normal, just as quick.

Super!

 

Just subscribing to get the answer to the last post by PC Gamer

 

It’s also worthwhile to remember that years ago anti-malware applications were not cloud-enabled, and thus these static on-demand tests (while not perfect) were a reasonable assessment of the protection provided at that time. However, in recent years, almost all anti-malware applications interact with the cloud and, for this reason, the old static on-demands tests are no longer relevant (in my opinion).

The use of static on-demand tests by organizations such as AV-Comparatives was not a ‘conspiracy’ nor was it ‘incompetence’ -- years ago, it was a reasonable testing methodology.

Seriously, why wouldn’t you trust the new whole-product dynamic testing methods? I don’t see a critical flaw in this approach -- although, obviously, limitations exist (e.g., number of samples tested).

If I understand you correctly, you seem to be suggesting that it is impossible to test today’s anti-malware products in an intellectually sound manner. I just can’t accept the conclusion that knowledge about the relative strengths/weaknesses of competitive anti-malware products is beyond human understanding.

I honestly don’t see why other cloud-enabled anti-malware products are any different, and therefore why Prevx can’t be compared to them.

PrevxHelp, perhaps you too can comment on this issue?

 

its nothing to do with the fact that some now use 'cloud' technology, for years there wasnt a single product tested that used cloud, some have only added this in the past year or so, prevx also has other techniques to detect undetected samples, and im guessing prevx dont trust them to use all-what-prevx-is to get its result.

Why wont Prevx enter the tests, im sure i aint far off the truth by saying they simply dont trust them as testers.. their methods, the way they aquire their samples, there are lots of reasons. (of course, i dont doubt they would admit this, as they are professionals and a buisiness and those types of comments are frowned upon towards a tester im sure)

For years companys have played the game of easy-passes in the static tests, regardless if it shows a customer their true value to protect them, and im doubtfull of their capabilitys to test them dynamically.

ive read through the posts on this forum for past tests and for companys removing themselfs from those tests, and people on this forum slated them for it, yet new news and facts only shows those companys in a higher light in my opinion, and shows alot of the others has complete fraudsters! playing percentage games to gain respect & money is disgusting for the paying customers who 'may have' relied on such tests for guidance.

the methods companys have used for these easy-passes and false figures, only got worse as every test went by, sorta like an avalanche.

but like those, there is an end and that would be for static detections, out with the old, in with the new!

however, will similar practises be performed in these tests, only time will tell.

but i cant honestly say i trust they wont, im hoping they wont, but i have my doubts.

thats just what i think.

anyway - regarding my monthly (or so) test on prevx for zero-day samples, i can honestly say, my computer with Prevx is very hard to infect!

 

This could likely be due to scan result caching - could you send us a full scan log to report@prevxresearch.com so that I can see if the files were cached before they were marked bad?

Thanks!

 

You could be right. PevxHelp, your comments?

On a general note, I don’t think it is proper to speak of all anti-malware testing organizations in the same way -- there is a distribution of professionalism in that industry, just as there is in any other industry. Sure, there are some testing organizations that are ‘questionable’ -- but, that doesn’t mean that there are not some which are excellent.

Do you realize that you are performing a ‘lite’ version of the same whole-product dynamic testing methodology executed by AV-Comparatives and AV-Test -- thereby providing support for the hypothesis that Prevx can be legitimately compared to its competition using this approach? You’re exposing your PC, protected by Prevx, to a variety of malware and measuring what is blocked. That’s precisely what AV-Comparatives and AV-Test do when running a whole-product dynamic test.

 

Lol then why do they need to enter the test, they get it from me for free.



Joe probably trusts me more to test prevx anyway, lmao

 

To be quite honest - this is very true. We know how well our product performs because we test it on a daily basis against other AVs. If any user really needs to validate it on top of what PC Magazine, Immunity, Gartner, WestCoastLabs, InfoWorld, About.com, Softpedia, numerous independent reviewers online, and our own users say about the product, I imagine they could run the most representative test on their own.

Testing by a third party is useful, but how does anyone know if the testing is relevant to their computer usage? There are scores of ways to get infected and many of them are irrelevant to a majority of the users so testing against these methods or threats does not accurately reflect the power of the AV for that user.

That being said:

... we agree, and at RSA this year, we met up with a number of different AV testers who are now starting to acknowledge the ability to test Prevx because of the changes in testing and should hopefully be able to start testing it against other AVs in the future, although I believe the industry is still waiting on some "official" response from AMTSO to finalize the procedures.

 

Please tell me that you are not referring to the “Threats missed by other security vendors” analysis! More seriously...

• Based on those tests, how well does Prevx actually perform?
• How are the tests conducted?
• What is the rationale for not making the results public?

I agree that personal experience plays a key role in an individual’s assessment of an anti-malware product. However, such an exercise isn’t addressing the theme of this thread: how well does the protection provided by Prevx compare to that provided by its competitors? I think it is safe to say that most users lack the resources to conduct comparative testing well.

• Are you referring to the AMTSO Best Practices for Testing In-the-Cloud Security Products? Wasn’t this specification approved by the organization almost a year ago?
• Prevx isn’t currently a member of the Anti-Malware Testing Standards Organization (AMTSO). Is this about to change?

P.S.: As always, I find our conversations intellectually stimulating and enjoyable!

P.S.: And, on a jovial note, I’m reminded of the following quote:

“For those who believe, no proof is necessary.
For those who don't believe, no proof is possible.”​

 

can BluePoint Security 2010 Personal Editon and Prevx run at the same time?
why prevx don´t put virus name in my opinion is better.



__________________
Prevx 3.0.5.85 with SafeOnline
Hitman Pro 3.5.4 Build 91 x32-bit
BuePoint Security 2010 v1.0.8.99

 

Cheers Joe,

It is annoying to me when I see prevx tested in a way that doesn't test it properly, its not a matter of scanning a large collection of samples ondemand, especially untested ones.

 

Yes, for any of today's major anti-malware products, this mode of testing is not only “annoying” -- it is also misleading, in my opinion.

 

Very cool! http://www.prevx.com/certification.asp

Congrats again on a fine job! Keep it up!!!!

TH

 

No, it doesn't

Extremely well - we still add some fringe detections as necessary, but we are overall consistently pleased with our performance and we are obviously objective in the interest of actually improving our products.

Our researchers hunt for malware and websites that contain exploits using PCs with outdated security patches, outdated Flash/Java/Adobe/etc. and try and get infected. Once heavily infected, they install Prevx and see how well it performs. Our current record is 20+ discrete rootkits on top of > 400 individual infections simultaneously infecting a PC - our researchers are relentless Periodically, images are taken from these PCs and tested with other AVs as well to give us a good feel of our competition in a live environment and some of the results are honestly shocking.

How many tests done by vendors about the performance of their product are actually accepted as true when released publicly?

Yes, but I'm unaware of any organization currently performing all of these tests and I'm not familiar enough with them to say if we've actually gone the route of discussing these tests with the testers yet.

Probably not - we decided not to join intentionally for reasons that probably shouldn't be shared here.

 

i second that... cloaked....medium....high risk seems like the pc has caught an exotic infection

 

I suspected the same, so that’s good to hear. It’s too bad that Prevx isn’t receiving the positive press that would occur if such comparative tests were public. That may be a huge (and missed) business development opportunity for the company.

That is certainly a step in the right direction, but are you not testing detection/cleaning rather than prevention with the competitive products? It seems to me that increasingly the emphasis is shifting toward the latter, relying upon procedures such as the whole-product dynamic testing methods employed by AV-Comparatives and AV-Test.

...And, it's still not clear to me why Prevx believes this whole-product dynamic testing methodology is unrepresentative of "real-world" anti-malware protection performance (see post #57).

Yes, I agree -- that is a serious issue, but consider....

Prevx (like other anti-malware vendors) does not seem to be averse to paying a third-party to conduct tests on its behalf, such as the one done by Immunity (if I understand the Prevx-Immunity relationship correctly). Following that model, Prevx could outline the parameters of a proper test and have a reputable third-party organization independently perform a robust and public comparative assessment.

P.S.: Some individuals may object to a test where a vendor is paying a fee to the testing organization. Personally, I think such a criticism is unwarranted when dealing with highly regarded companies, such as the recent West Coast Labs certification (paid for by Prevx, a fact about which I have seen no objections discussed in this forum).

 

Pleonasm, vendors pay towards avc aswell, so what's the difference?