Press Releases

AV-Comparatives releases Enterprise Endpoint Protection Test – Factsheet August September 2018

16 enterprise products tested! The independent security software testing lab AV-Comparatives released a a large scale Enterprise Security Endpoint Test.

AV-Comparatives tested 16 leading enterprise security products for Windows.

The independent security software testing lab AV-Comparatives released a a large scale Enterprise Security Endpoint Test with the August-September 2018 results of their Business Main-Test Series. 16 enterprise products are covered in the report.

This short fact sheet for our Business Main-Test Series, containing the results of the Business Malware Protection Test (September) and Business Real-World Protection Test (August-September). The full report, including the Performance Test and product reviews, will be released in December.

The factsheet can be downloaded from here:
https://www.av-comparatives.org/corporate-reviews/

AV-Comparatives releases August 2018 results of their Consumer Real-World Protection Test of Internet Security Suites

AV-C’s Real-World Protection Test is currently the most comprehensive and complex test available, using a large number of test cases.

AV-Comparatives’ Real-World Protection Test is currently the most comprehensive and complex test available, using a large number of test cases. Currently, we are running this test under Microsoft Windows 10 Pro RS4 64 Bit with up-to-date third-party software (such as Adobe Flash, Adobe Acrobat Reader, Java, etc.). Due to this, finding in-the-field working exploits and running malware is much more challenging than e.g. under an non-up-to-date system with unpatched/vulnerable third-party applications.

This fact sheet is a short overview of the Whole-Product Dynamic Real-World Protection Test results of July 2018. The detailed overall result consumer product reports (covering five months each) are released in July and December. Each of the overall result reports will also contain a false-alarm test and will contain the awards the products reached based on their overall scores during the respective five-month period. For more information about this Real-World Protection Test, please read the detailed factsheet.

https://www.av-comparatives.org/tests/real-world-protection-test-august-2018-factsheet/


Testcases
Over the year we evaluate several tens of thousands malicious URLs. Unfortunately, many of these have to be discarded for various reasons. We remove duplicates such as the same malware hosted on different domains or IP addresses, sites already tested, “grey” or non-malicious sites/files, and malware/sites disappearing during the test. Many malicious URLs carrying exploits were not able to compromise the chosen system/applications because of the patch level. This means that the vulnerabilities in the third-party applications on the system were already patched and the exploits could therefore not deliver their malicious payload. Users should be aware that by always keeping their system and third-party applications up-to-date/patched, they can dramatically decrease the risk posed by exploits.

Test Results
The results are based on the test set of 186 live test cases (malicious URLs found in the field), consisting of working exploits (i.e. drive-by downloads) and URLs pointing directly to malware. Thus exactly the same infection vectors are used as a typical user would experience in everyday life. The test-cases used cover a wide range of current malicious sites and provide insights into the protection given by the various products (using all their protection features) while surfing the web.

Every month (from February to June and from July to November) we update the charts on our website showing the protection rates of the various tested products over the various months. The interactive charts can be found on our website. The chart below shows only the protection scores for the month of JULY 2018 (186 test cases). The results of the false-positives test are also shown in the monthly factsheets/graph.

AV-Comparatives releases Android App that lets you see the latest news, test reports and other publications.

Stay up-to-date in the IT Securtiy Industry with the AV-Comparatives Android App. You can easily bookmark any articles or stories so you can find them quickly later.

AV-Comparatives is pleased to announce the release of the AVC-News app. This is a free mobile app for Android* that lets you see the latest news, test reports and other publications by AV-Comparatives.

Stay up-to-date in the IT Security Industry with the AV-Comparatives Android App: AVC-News app.

Get it on Google Play

Within the AV-Comparatives Android app, you can easily bookmark any articles or stories so you can find them quickly later. We’ll also send you push notifications when there are new test results or other articles, so you have the latest AV-Comparatives information at your fingertips.


Some more features included in the app are:

– Interactive charts
– Descriptions of test methodologies
– An overview of awards given to each vendor
– IT security tips
– AV vendors overview per platforms

Please try out the AVC-News app and see for yourself what it can do!

*we are developing an iOS version too, and hope to release it within the next few months.

Mac Security Software Suites – Do They What They Shall Do? A Test/Review by AV-Comparatives – 2018

The closed Apple ecosystem reduces the risk of malware. This does not mean that Mac users are immune to threats. Phishing does work everywhere, also on Mac!

It is an often-heard view that macOS computers don’t need antivirus protection. Whilst it is certainly true that the population of macOS malware is tiny compared to that for Windows and Android, there have been instances of macOS malware getting into the wild. Moreover, Apple Mac security needs to be considered in the wider context of other types of attacks.

Read the full test here:
https://www.av-comparatives.org/tests/mac-security-test-review-2018/


In addition, it should be noted that Apple themselves ship some anti-malware capabilities within macOS. Firstly, there is “Gatekeeper”, which warns which warns when apps without a digital signature are run. Then, there is “XProtect”, which checks files against known-malware signatures. Finally, apple provide MRT (Malware Removal Tool). Gatekeeper and MRT are essentially invisible to users and have no direct user interface for the user. System updates are installed automatically using the update process. Despite the built-in capabilities, some security experts recommend strengthening the defenses by adding in a third-party antivirus package. There are many good reasons for this. Firstly, the approach taken by Apple might be adequate for well-established malware, but might not respond quickly enough to emerging threats. Secondly, you might want a broader base of malware evaluation.

Some vendors’ macOS security products can detect malware aimed at other operating systems too. Hence an AV program on your macOS computer could effectively handle Windows and Android malware too. Of course, there is no method by which Windows or Android malware could directly infect a macOS device. However, there are scenarios where you might well benefit from scanning for such threats. For example, if you are given a USB stick of photos by one friend, who asks you to make a copy for a second friend. They both use Windows, but you are using a macOS computer. There is Windows malware on the USB stick, and you make a copy of all the files. In this scenario, it is useful to be able to ensure that malware is not inadvertently passed on from one friend to another, even if your own machine is not at risk.

Mac security programs can offer other capabilities too. For example, browser extensions can identify web sites which are potentially phishing locations. Readers should note that Mac users are just as vulnerable to phishing attacks as users of e.g. Windows, as phishing sites function by deceiving the user rather than by altering the operating system or browser.

Other packages might offer VPN (virtual private network) capabilities which can be very useful when you need to operate your computer in an untrusted environment, like a public location, internet café or other place where you are not sure of the integrity of the connection. You might also want to replace macOS’ built-in parental control capabilities with third party tools, if you believe this is more appropriate to your family needs.

Before purchasing a Mac security solution, you also need to decide on the size and scope of the protection you wish to deploy. It might be for a single computer, or to a laptop and desktop. Or you might have a family environment. There might be a mixture of macOS laptops and desktops, but also other devices too like Windows desktops and laptops, along with iOS and Android phones and tablets. For this environment, a broader and more flexible licensing package might well be appropriate.

This could allow you to purchase e.g. 5 licenses and then distribute them amongst your collection of devices. It could also give you the flexibility to transfer licensing from one device to a new item, e.g. if you need to replace an aging Windows laptop with a new MacBook. Some packages offer cloud-based management interfaces. Usually this is to cover the licensing of the packages, but some can also be used to initiate malware scans and device updates and manage parental control capabilities.

Experienced and responsible Mac users who are careful about which programs they install, and which sources they obtain them from, may well argue – very reasonably – that they are not at risk from Mac malware. However, we feel that non-expert users, children, and users who frequently like to experiment with new software, could definitely benefit from having security software on their Mac systems, in addition to the security features provided by the Mac OS itself. Readers who are concerned that third-party security software will slow their Mac down can be reassured that we considered this in our test; we did not observe any significant performance reduction during daily operations with any of the programs reviewed.

As with Windows computers, Macs can be made safer by employing good security practices. We recommend the following:

Do not use an administrator account for day-to-day computing
Use a sandboxed browser such as Google Chrome
Uninstall/disable the standalone Flash Player
Uninstall/disable Java unless it is essential for you
Keep your Mac operating system and third-party software up-to-date with the latest patches
Use secure passwords (the Mac includes the KeyChain password manager)
Deactivate any services such as Airport, Bluetooth or IPv6 that you don’t use
Be careful about which programs you install and where you download them from

Read the full test here:
https://www.av-comparatives.org/tests/mac-security-test-review-2018/

AV-Comparatives releases July 2018 results of their Consumer Real-World Protection Test of Internet Security Suites

AV-C’s Real-World Protection Test is currently the most comprehensive and complex test available, using a large number of test cases.

AV-ComparativesReal-World Protection Test is currently the most comprehensive and complex test available, using a large number of test cases. Currently, we are running this test under Microsoft Windows 10 Pro RS4 64 Bit with up-to-date third-party software (such as Adobe Flash, Adobe Acrobat Reader, Java, etc.). Due to this, finding in-the-field working exploits and running malware is much more challenging than e.g. under an non-up-to-date system with unpatched/vulnerable third-party applications.

This fact sheet is a short overview of the Whole-Product Dynamic Real-World Protection Test results of July 2018. The detailed overall result consumer product reports (covering five months each) are released in July and December. Each of the overall result reports will also contain a false-alarm test and will contain the awards the products reached based on their overall scores during the respective five-month period. For more information about this Real-World Protection Test, please read the detailed factsheet.

https://www.av-comparatives.org/tests/real-world-protection-test-july-2018-factsheet/


Testcases
Over the year we evaluate several tens of thousands malicious URLs. Unfortunately, many of these have to be discarded for various reasons. We remove duplicates such as the same malware hosted on different domains or IP addresses, sites already tested, “grey” or non-malicious sites/files, and malware/sites disappearing during the test. Many malicious URLs carrying exploits were not able to compromise the chosen system/applications because of the patch level. This means that the vulnerabilities in the third-party applications on the system were already patched and the exploits could therefore not deliver their malicious payload. Users should be aware that by always keeping their system and third-party applications up-to-date/patched, they can dramatically decrease the risk posed by exploits.

Test Results
The results are based on the test set of 186 live test cases (malicious URLs found in the field), consisting of working exploits (i.e. drive-by downloads) and URLs pointing directly to malware. Thus exactly the same infection vectors are used as a typical user would experience in everyday life. The test-cases used cover a wide range of current malicious sites and provide insights into the protection given by the various products (using all their protection features) while surfing the web.

Every month (from February to June and from July to November) we update the charts on our website showing the protection rates of the various tested products over the various months. The interactive charts can be found on our website. The chart below shows only the protection scores for the month of JULY 2018 (186 test cases). The results of the false-positives test are also shown in the monthly factsheets/graph.

IoT Mobile Security Solutions tested by AV-Comparatives – Can they protect your Android Smartphone? – 2018

This report provides test results and reviews of security products for smartphones running Google’s Android operating system.

This Andrdoid Mobile Security Review and Test performed by AV-Comparatives provides test results and reviews of security products for smartphones running Google’s Android operating system. Amongst other things, this report aims to help readers decide whether they would benefit from the more comprehensive and sophisticated security features provided by a third-party security app.

Please finde the report here:
https://www.av-comparatives.org/tests/mobile-security-review-2018/#avc-undroid-analyzer


Besides the reviews, which cover the user experience of the apps, the results of comprehensive tests on malware protection rates and battery consumption are provided as well. Additionally, a short table at the end of each product report gives an overview of any anti-theft functions included in that product. Many of the reviewed and tested apps have components which are not security-related, such as power and memory optimizers and data backup tools.

The review mainly focuses on the security features – anti-malware, anti-theft, and privacy – and only mentions further functionalities briefly. The structure of each product report is identical, allowing readers to compare products easily.

The main purpose of a mobile security product is to protect users and their devices from potential harm inflicted by malicious apps, fraudulent mails, or phishing URLs. Readers should note that recent Android versions incorporate some basic anti-malware features. For example, Google’s built-in malware scanner Play Protect checks apps during installation from the Google Play store or a third-party source and scans the device continuously for any threats. Google’s Safe Browsing API protects against malware and phishing links when the user is surfing the Internet using the Chrome browser.

Furthermore, an anti-theft component in a security app could be used to find a lost or stolen phone, and/or prevent access to any personal data stored on the device. Basic anti-theft features (lock, locate, alarm, and wipe) are already provided by recent versions of Android via Google’s Find My Device function.

On the following pages, we provide a brief overview of the risks facing smartphone users from malware and the loss or theft of their device, and discuss the benefits of security apps. We start by recapping Android Oreo’s new features and security behaviour changes. Furthermore, we will argue why it is not advisable to rely only on built-in malware protection features (all latest and newer Android devices are already equipped with such functions), but instead install a third-party anti-virus app to be better protected against security threats. After that, we give a short summary of security features and their main sub-components commonly implemented in typical security apps for Android.

At the end of the introduction, we list the participating security products, and present the results of the malware and battery drain tests. Detailed reviews of the individual products follow, in which we will shed light on the layout and usage of the features. In the table representing a product’s anti-theft features, we comment on each function briefly and use the following symbols to indicate how well it worked in our tests.

Google Play Protect

In May 2017, Google announced its new built-in malware protection for Android, Play Protect, which checks apps and APK files when they are downloaded using the Google Play store app or third-party sources. Since August 2017, it has been available on all Android devices with Google Play Services 11 or later, and is preinstalled on devices with Android 8.0 and later. Play Protect constantly monitors the device and all the user’s data, and notifies the user of any security risks found. It also scans the Google Play store and all installed apps for any signs of malware, and includes the three functions malware scanner, device loss (Find My Device), and safe browsing.

One might think that third-party anti-virus apps are no longer necessary for Android devices, due to Google’s built-in malware and protection features. This might be true for Android devices with Play Protect integrated into the preinstalled Google Play store app. However, some Android devices (e.g., Amazon’s Fire line) do not benefit from the built-in malware protection of Play Protect as they do not run Google apps by default.

Please finde the report here:
https://www.av-comparatives.org/tests/mobile-security-review-2018/#avc-undroid-analyzer

Free Security Service Available:

At this point, we would like to recommend AVC UnDroid, our Android app analysis tool, which is available free to all users. It is a static analysis system for detecting suspected Android malware and adware and providing statistics about it. Users can upload APK files and see the results in various analysis mechanisms.

We invite readers to try it out:

AV-Comparatives publishes Anti-Phishing Certification Test – AVAST, FORTINET and KASPERSKY certified

AV-Comparatives released the results of the anti-phishing certification test. This qualification test is the most comprehensive anti-phishing test available.

AV-Comparatives publishes test results of security companies passing the 2018 phishing challenge

The independent security software tester AV-Comparatives released the 2018 results of the yearly anti-phishing certification test. This yearly qualification test is the most comprehensive and challenging anti-phishing test available.

Relevance of specialized Anti-Phishing protection

Phishing is an attempt to obtain sensitive personal or financial information such as usernames, passwords, credit card and banking details for malicious and fraudulent purpose by posing as a reputable entity or person. Phishing attempts typically contain a message (the bait) in a trustworthy look and feel containing a link (the hook) to a malicious website.

Three security vendors pass the 2018 challenge – Avast, Fortinet, Kaspersky

Security products passing the challenge have proven to successfully block at least 90% of malicious URL’s. These URL’s were fresh and active phishing campaigns, which we collected, verified and analyzed through our real-world malware testing environment. The freshness of our test set is what makes our phishing protection test so challenging and unique.

The follwing vendors reached the certification:

Avast
Fortinet
Kaspersky

Read the full report here!

Read the full test methodolgy here!

AV-Comparatives publishes 2018 enterprise IT-security test under real-world conditions

AV-Comparatives released results of their 2018 enterprise IT-security test. It is the most complete Business security comparative test in the IT security industry.

Business Security Test 2018 (March – June)


AV-Comparatives publishes 2018 enterprise IT-security test with usability reviews to assess endpoint effectiveness under real-world conditions

18 July 2018, Innsbruck, Austria – The independent security software tester AV-Comparatives released the half year results of their Business Main-Test Series. It is the most complete Enterprise IT security comparative test in the endpoint security industry.

The real-world effectiveness of an endpoint protection IT security solution is not solely based on the results of Av-Comparatives’ award-winning test framework, but also includes a review on the ease of use of these market leaders brand business security solutions. This multi aspect assessment makes AV-Comparatives Business Main-Test Series the most comprehensive endpoint security report for small to large business organizations.

Download the complete 72-page PDF report for free
https://www.av-comparatives.org/wp-content/uploads/2018/07/avc_biz_2018_07_en.pdf

________________________________________

Most comprehensive Business IT-Security Test

We are pleased to announce the publication of the half-year report of our Business Main-Test Series. This business test assesses endpoint protection on multiple aspects. AV security software is available for all sizes and types of business. Effectiveness of endpoint security should also be evaluated in the context of the organization it is applied in. What fits well at the smaller end of the SME (small to medium enterprise) market is probably not going to be quite so appropriate to larger corporations.

To provide practical and useful information to security specialists, IT-managers and business owners, AV-Comparatives assesses business security products on multiple aspects:

Real-World Protection
This test mimics the dangers an end-user encounters in every day conditions. This award winning dynamic test allows to fully test all protection mechanisms of an AV-solution during all stages of a malware intrusion scenario. This test includes a false positives test on (wrongly blocked) domains as well as (wrongly blocked) downloaded files.

Malware Protection
AV-products are assessed on their ability to protect a system against infection by malicious files before, during or after execution. This test includes a false positives test on common business software. The effectiveness of endpoint protection is critically influenced by both malware infections and false positives, because both disrupt business operations.

Performance Impact
False positives and performance impact are two important factors determining end user acceptance of security products. When users are not hindered they have no incentives to evade company security policies, making these aspects an indirect success factor.

Product Reviews
The individual reviews provide insights in the ease of use and central management. Ease of use includes installation & deployment, daily use and remediation & outbreak containment. With the increasing importance of BYO (bring your own) the ease of which various sorts of endpoint devices can be protected is an important consideration for most organizations.



AV-Comparatives Approved Business Product Award

As in previous years, we are giving our “Approved Business Product” award to qualifying products. As we are now conducting two tests of business products per year, separate awards will be given to qualifying products in July (for March-June tests), and December (for August-November tests) for July, and one for December.

We congratulate the 16 vendors who are participating in the Business Main-Test Series for having their business endpoint protection products publicly tested by an independent lab, showing their commitment to improving their products, being transparent to their customers and having confidence in their product quality. Read our report to see which products were awarded.

Read More

_____________________________________________

About AV-Comparatives


AV-Comparatives is an independent organization offering systematic testing to check whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises. Using one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. AV-Comparatives offers freely accessible results to individuals, news organizations and scientific institutions. Certification by AV-Comparatives provides an official seal of approval for software performance, which is globally recognized.

The results can be used by editors / media / bloggers etc. for free. Please give as source https://www.av-comparatives.org

AV-Comparatives released its Internet Security Suites Consumer Real-World Protection Test – 2018 (February – June)

18 Internet Security Suites for Windows tested in a Real-World Environment in a long term test – more testcases than ever!!

18 Internet Security Suites for Windows tested in a Real-World Environment.

Currently, AV-Comparatives‘ Whole-Product Dynamic Real-World Protection Test is the most comprehensive and complex test available when it comes to evaluating the real-life protection capabilities of antivirus software. Simply put, the test framework replicates the scenario of an everyday user in an everyday online environment – the typical situation that most of us experience when using a computer with an Internet connection. It creates a realistic setting where the antivirus products must show their ability to thoroughly protect the user’s computer when surfing the web.

Find the detailed results on the AV-Comparatives’ website!

In this test, all protection features of the product can be used to prevent infection – not just signatures or heuristic file scanning. A suite can step in at any stage of the process – accessing the URL, downloading the file, formation of the file on the local hard drive, file access and file execution – to protect the PC. This means that the test achieves the most realistic way of determining how well the security product protects the PC. Because all of a suite’s components can be used to protect the PC, it is possible for a product to score well in the test by having e.g. very good behavioural protection, but a weak URL blocker. However, we would recommend that all parts of a product should be as effective as possible. It should be borne in mind that not all malware enters computer systems via the Internet, and that e.g. a URL blocker is ineffective against malware introduced to a PC via a USB flash drive or over the local area network.

In spite of these technologies, it remains very important that also conventional and non-cloud features such as the signature-based and heuristic detection abilities of antivirus programs continue to be tested. Even with all the protection features available, the growing frequency of zero-day attacks means that some computers will inevitably become infected. As signatures can be updated, they provide the opportunity to recognize and remove malware which was initially missed by the security software. Other protection technologies often offer no means of checking existing data stores for already-infected files, which can be found on the file servers of many companies. Those security layers should be understood as an addition to good detection rates, not as a replacement.

The Whole-Product Dynamic “Real-World” Protection test is a joint project of AV-Comparatives and the University of Innsbruck’s Faculty of Computer Science and Quality Engineering. It is partially funded by the Republic of Austria.

The methodology of our Real-World Protection Test has received the following awards and certifications, including:

Constantinus Award – given by the Austrian government
Cluster Award – given by the Standortagentur Tirol – Tyrolean government
eAward – given by report.at (Magazine for Computer Science) and the Office of the Federal Chancellor
Innovationspreis IT – “Best Of”– given by Initiative Mittelstand Germany
_______________________________________________________________________________

About AV-Comparatives

AV-Comparatives is an independent organisation offering systematic testing to check whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises. Using one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. AV-Comparatives offers freely accessible results to individuals, news organizations and scientific institutions. Certification by AV-Comparatives provides an official seal of approval for software performance, which is globally recognized.

The results can be used by editors / media / bloggers etc. for free. Please give as source https://www.av-comparatives.org

AV-Comparatives – Malware in the media June 2018 – Same old song with a different meaning?

This month’s AV-Comapratives’ blog is about Mark Zuckerberg’s promise, GDPR, Facebook’s new data leak and politicians putting their money where their mouth is.

No, AV-Comparatives is not going to talk about the classic Motown song out of the sixties performed by the Four Tops. This month’s blog is about Mark Zuckerberg’s promise, GDPR, Facebook’s new data leak and politicians putting their money where their mouth is. The question is, will that money be put on privacy or security?


The same old song

Only three months ago, the NY Times, Guardian and Observer reported a massive data breach by Cambridge Analytica involving millions of Facebook users. When the press and politicians dived into this scandal it turned out that sensitive privacy data of 87 million Facebook users was misused.

After the incident picked up media attention, Mark Zuckerberg, the CEO of Facebook apologized to press and US and EU politicians and promised to take measures to prevent this from ever happening again. After the meetings Facebook announced to improve its security and privacy settings.

With a different meaning?

Well we at AV-Comparatives are sad to say not really. On the 27th of June 2018 the Norwegian Consumer Council Forbrukerradet published a report ‘deceived by design’ in which tech companies like Google and Facebook are accused of applying misleading ‘dark patterns’. These ‘dark patterns’ trick users in choosing less secure and private settings in favour of user tracking and advertising.

When these ‘dark patterns’ have the claimed effect on user privacy, these documented practices should trigger the attention of GDPR policy keepers. The goal of the GDPR is to protect the privacy of EU-citizens.

Mark Zuckerberg faced EU-parliament three days before the GDPR became effective. This explains why he only faced the (toothless) EU for 90 minutes while spending two full days to explain himself to the US-senate.

To make things worse, on the 28th this month Facebook came under fire again, because ‘Name Test’, a popular Facebook Quiz app, had exposed privacy sensitive data of 120 million Facebook users.

Put your money on privacy or security?

The ‘deceive by design’ report and the recent Facebook data breach seemingly make a strong case for a further investigation on Facebook’s GDPR’s compliance. Not complying with GDPR-standards can lead to fines up to 20 million euro or four percent of the world-wide turnover of a company (whatever is more). Facebook’s revenue surpassed 40 billion dollars in 2017.

Why is nobody mentioning the GDPR in relation to recent Facebook data breaches? Such a law case would make a great show case for privacy. Image what EU-projects and policies could be affected with a 1.6-billion-dollar budget (four percent of Facebook’s annual turnover).

To answer our own question, both press and politics have shifted their attention to other issues. The press seems to focus on US and EU immigration issues and politicians seem to be preparing the US and the EU on a future cyber war.

____________

About AV-Comparatives
AV-Comparatives is an independent organization offering systematic testing that checks whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises. Using one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. AV-Comparatives offers freely accessible results to individuals, news organizations and scientific institutions. Certification by AV-Comparatives provides an official seal of approval for software performance which is globally recognized.

The story of AV-Comparatives began the way it does with so many computer users, namely with a virus infection. In 1993, Andreas Clementi was hit by a computer virus: the “November 17 virus – NOV_17.855”. This awakened his interest. Andreas was not satisfied with the sometimes very contradictory tests of antivirus programs in computer magazines, and so began the intensive investigation of malware and antivirus software, which continues to this day. In 1999, he founded AV-Comparatives as a student project at the University of Innsbruck. This was done purely out of technical interest, to see how good the products of different manufacturers actually are. The response was enormous, as the manufacturers of antivirus software became aware of the duo in Innsbruck and wanted to take part in the tests.