WSA 2014 Editors' Choice from PC Magazine!

Discussion in 'Prevx Releases' started by PrevxHelp, Oct 14, 2013.

Thread Status:
Not open for further replies.
  1. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
  2. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    Great success Joe! Congrats to you and all at Webroot for the magnificent result.

    BTW, do you know what happened that it was worth for PC Mag to mention in Cons "Completing malware cleanup required hours of remote-control tech support."
     
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Thanks! Yes, he had his systems pre-infected with Virut and Sality, which was a bit of a nightmare, but we did manage to clean them up (albeit with quite a bit of manual heavy-lifting, which we will be able to automate in the future).
     
  4. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    OK. It looks like WSA underwent very heavy testing, as far as I know the said infections are indeed hard to be removed and some AV solutions out there cannot clean it completely unless OS is reformatted. So if WSA/Webroot was capable to clean their test machine it shouldn't be stated as Cons but as Pros instead. :D
     
  5. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,014
    Location:
    Ontario, Canada
    Great to hear very Kwel! :cool:

    Daniel
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Indeed, heavy testing is an understatement. I was the main liaison with their testing and I don't usually require much sleep, but I don't think they slept for the entire week while testing the product! They certainly put every feature thoroughly through its paces.
     
  7. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    They couldn't understand how such a tiny application can do such great things and to have impressive result. So they put every effort to find a hole but in vain! I don't want to speculate or to open Pandora's box but maybe an intervention of the main competitors was a propeller to test it thoroughly.
     
  8. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    I'm very impressed! I'm glad to have so many licenses of WSA. :)

    About the rollback feature...

    Was it a specific malware type that couldn't be reverted with the journal-and-rollback system? A fluke? It'd be interesting to know!
     
  9. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    If I am correct Joe said it in his post #3.
     
  10. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    Hmm, no. That was not the pre-infected systems. WSA failed with its rollback feature in "offline mode". Page 3 in the PCMag review. :)
     
  11. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    Yeah, I see. My bad. Let's see what Joe has to say.
     
  12. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It was due to WSA being too cautious - when it detected an active file infector (Virut in this case), it stopped the scan/cleanup process and threw up the "Contact Support" flag, which is what it normally does when pre-infected. The purpose of the prompt is to avoid "collateral damage" when cleaning a file infector, as they often wreak havoc across the system by infecting anything and everything. What we should have done is detect that rollback was available and bypass the "Contact Support" dialog. I connected to Neil's systems remotely to help out and copied over a cleanup script which bypassed the dialog, and reverted the infections.

    We're looking into changing this, albeit cautiously as file infectors do often require support intervention when users come pre-infected with thousands of file infectors. It may not make it into the immediate next build, but probably the build right after.

    Let me know if you have any questions!
     
  13. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
  14. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    Thanks! Good to know and even better to know that you and Webroot are aware! :) Personally, I haven't run into any problems so far with 2014 edition on any of the computers I've deployed WSA on.

    I must say this was one of the most interesting reviews I've read. I don't know the complete sample size but I don't think it really matters. The review really showed and explained exactly how WSA works, by doing it the real way - explaining with real malware infection attempts.

    In some ways, I even think the review explains how WSA works better than the official user guide! :)
     
  15. superssjdan

    superssjdan Registered Member

    Joined:
    Dec 11, 2011
    Posts:
    148
    Location:
    USA
    Congrats to the entire Webroot team on the test results. Another well deserved recognition. I sometimes wonder if Joe ever gets any sleep as WSA is so much better for all the hard work of it's development team. Proud to say I'm a Webooter:D
     
  16. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    There was a time when everyone were :gack: when Webroot was mentioned. But then, in October 2011, something great happened! Now everyone are :argh: whenever Webroot is mentioned! And test results are even more promising! :D
     
  17. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Yeah, and hopefully they can also re-join AV-C if they can come up with a new testing model that suits all vendors that participate :)
     
  18. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,635
    Location:
    UK
    I think it has to be a separate test, due to the nature of how WSA works, which is very different to other more traditional methods.

    As far as I'm aware, the two teams are/were working on such a test.
     
  19. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Yeah maybe, but I hope not since then there will always be people saying that wsa got "special care" or whatever in it's own special test. So if it could be tested along the other vendors with the new test model it would "look" better and less people would say that it looks this or smells that. :)

    But i'm happy if they just get started again :thumb:
     
  20. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,635
    Location:
    UK
    That's the problem - all vendors should be tested the same way, and as we've seen, WSA doesn't work like them. It has been tested with other vendors previously, but the true nature of WSA's methodology hasn't been properly taken into account, due to the way the standard tests have been carried out. AV-C acknowledge this hence the agreement to work with Webroot to produce a test that takes WSA's technology into account.
     
  21. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,561
    It's odd in the review he only has one process. I've always had two. I suspect he isn't showing processes from all users.
     
  22. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I believe it mentions one service rather than only one process. The user process of WSA is started automatically by the service.
     
  23. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Congrats to Joe and the whole Webroot Team. :thumb:
     
  24. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    769
    Location:
    "Here on Wilders"
    Congrats to Joe & and Webroot Team on an Excellent Security Product! Keep up the good work. ;)
     
  25. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Yes Tony I know, but I meant if it would be possible for WSA to be tested along the other vendors as normal with the new test model. And the results should be displayed in an equal way like they are today.

    And not like this.....

    Here are the results. -> link

    And here are the WSA results. -> link

    Hope you understand better what I mean now :)
     
Thread Status:
Not open for further replies.