tag:blogger.com,1999:blog-804714437673009003.post6515070748120452431..comments2024-02-23T09:06:13.967+00:00Comments on Dynamoo's Blog: An informal anti-virus comparisonUnknownnoreply@blogger.comBlogger8125tag:blogger.com,1999:blog-804714437673009003.post-75792569582590618132013-10-09T16:37:12.045+01:002013-10-09T16:37:12.045+01:00Although not on VirusTotal you can add-on Sanesecu...Although not on VirusTotal you can add-on Sanesecurity signatures to ClamAV:<br /><br />http://sanesecurity.com/usage/signatures/<br /><br />rogue.hdb will detect the emailed zipped stuff, as well as the phish.ndb database.Steve Basfordhttps://www.blogger.com/profile/09190356137354403294noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-886533685434604102013-10-09T08:29:53.815+01:002013-10-09T08:29:53.815+01:00"... YMMV. Other anti-virus comparisons are a..."... YMMV. Other anti-virus comparisons are available..."<br />You betcha, such as this one:<br />- https://www.virusbtn.com/vb100/rap-index.xml<br />... and this one:<br />- http://chart.av-comparatives.org/chart1.php<br />... which (for me, anyway) just adds to the "gray" area in all this.<br />It's been going on for years, these comparisons, and as long as there is<br /PC.Techhttps://www.blogger.com/profile/10633725838094855981noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-79892408870362091912013-10-08T20:43:10.965+01:002013-10-08T20:43:10.965+01:00@Jamie: I was surprised to see it down there. But ...@Jamie: I was surprised to see it down there. But this is one of the products you would apply as part of a layered defence.<br />Conrad Longmorehttps://www.blogger.com/profile/11751822299235747323noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-68881687654347497282013-10-08T20:41:47.976+01:002013-10-08T20:41:47.976+01:00Yes, it's not as simple as a league table, and...Yes, it's not as simple as a league table, and some products are great for consumers but are difficult to manage for corporates, and vice versa.<br /><br />However, one key thing that is different in my methodology from a more formal approach is that the statistics are taken from emerging threats rather than established ones. It's all very well having a product that can detect malware Conrad Longmorehttps://www.blogger.com/profile/11751822299235747323noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-46232632899070875862013-10-08T20:12:23.961+01:002013-10-08T20:12:23.961+01:00The funny thing is Clam will catch stuff when it i...The funny thing is Clam will catch stuff when it is in the .eml file that it doesn't catch as a zip or exe.<br /><br />Stuff that the bottom 75% of that list doesn't catch at all.Jamiehttps://www.blogger.com/profile/16344348277203345239noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-66423166176310337892013-10-08T19:30:42.813+01:002013-10-08T19:30:42.813+01:00Yeah, I know you said that :-)
It's just that...Yeah, I know you said that :-)<br /><br />It's just that.. well.. I think these comparisons don't really help anyone.<br /><br />I think there <i>is</i> a serious question to be asked about how good anti-virus protects against real threats. The problem with these kinds of 'tests' (despite you being very clear about its limitations) is that "AV haters" are made to believemartijnhttps://www.blogger.com/profile/03463307000398178175noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-65848951000145004892013-10-08T19:18:58.410+01:002013-10-08T19:18:58.410+01:00Hmm.. there's a difference between "endpo...Hmm.. there's a difference between "endpoint protection" which is a product that includes many elements, and signature-based AV scanning which is a lot dumber. A lot of people still rely too heavily on the last part, in my opinion.<br /><br />It should also be noted that some of these products form PART of whole defensive package, especially gateway products and things like ClamAV Conrad Longmorehttps://www.blogger.com/profile/11751822299235747323noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-69713873171030191432013-10-08T18:46:44.534+01:002013-10-08T18:46:44.534+01:00You know that Virus Total makes a pretty clear sta...You know that Virus Total makes a pretty clear <a href="https://www.virustotal.com/en/about/" rel="nofollow">statement</a> saying that their site shouldn't be used for comparative anti-virus tests.<br /><br />I also don't agree that AV, especially in the way it is deployed at VT, should be the last line of defense. That last line should be something that prevents malicious activities frommartijnhttps://www.blogger.com/profile/03463307000398178175noreply@blogger.com