We released our Consumer Malware Protection Test. Any samples that have not been detected, e.g. on-access, are executed on the test system. A false alarm test is also included. While in the Real-World Protection Test the vector is the web, in the Malware Protection Test the vectors can be, e.g., network drives or USB, or the test can cover scenarios where the malware is already on the disk.
Spotlight on security: The Curse of the False Positive
By David Harley
When is a false positive (FP) really a false positive? How much care should security vendors take to avoid or at worst fix them: do they really matter at all?
Consumer Malware Protection Test September 2019
Consumer Malware Protection Test March 2019
Consumer Malware Protection Test September 2018
Spotlight on security: The problem with false alarms
False Positives (FPs, also known as False Alarms) are harmless and legitimate programs that are incorrectly identified as malicious by an antivirus program. A false positive can have very serious consequences. In some cases, it will not be possible to run a legitimate program if it is blocked by the security software.
Consumer Malware Protection Test March 2018
Advanced Endpoint Protection Test
AV-Comparatives has published the findings of an Advanced Endpoint Protection Test, consisting of the following component tests:
- PowerShell-based file-less attacks and file-based exploits test, including false alarm test
- Proactive Protection Test, including false alarm test
- Real-World Protection Test, including false alarm test
- Ransomware test
The tests were performed between November 2017 and January 2018. The primary goal was to compare the automatic prevention and detection capabilities of different endpoint protection solutions. The test was commissioned by Bitdefender. Products by the following vendors were tested (please note that the results apply only to the specific program versions and settings that are described in the report): Bitdefender, Carbon Black, CrowdStrike, Cylance, Kaspersky Lab, McAfee, SentinelOne, Sophos and Symantec. The full report can be downloaded from here (PDF).
Malware Protection Test September 2017
Malware Protection Test March 2017
We released our newly introduced Malware Protection Test. It assesses a security program’s ability to protect a system against infection by malicious files. What is unique about this test is that, in addition to checking detection in scans, it also assesses each program’s last line of defence. Any samples that have not been detected, e.g. on-access, are executed on the test system, with Internet/cloud access available, to allow features such as behavioural protection to come into play. A false alarm test is also included.
You can find additional information in the following two blog posts: