Antivirus Software And The Rigorous Testing Procedures

With so many spyware purveyors around, it can be tiring for computer users to tell which antivirus software is legitimate, much less which of the genuine antivirus programs are best suited to their own needs. The problem is exacerbated if you don't know who tests what and how to interpret the results.

One recent example, carried out by NSS Labs, was a test focusing on detection of socially engineered malware. The results award a glowing evaluation to Trend Micro Internet Security Suite. Unfortunately, most of the praise might be unfounded. Read the test report closely and it is pretty obvious that while Trend Micro Internet Security Suite performed well on blacklisting and whitelisting of the 3,243 notorious URLs used in the assessments, once confronted with an actual executable Trend Micro detected and blocked merely 5.5% of the malware. The NSS Labs test also specifically excluded any exploit detection, a significant omission given that the use of vulnerability exploits to distribute malware has never been higher.

Another instance can be seen with the latest (non-beta) release of Microsoft Security Essentials. Although MSE stacks up well in comparison to other free antivirus (third highest according to tests published in PC World and supplied by AV-Test.org), free antivirus lacks many of the proactive features required to protect against today's malware. The for-pay antivirus software, in particular the security suites, blends reputation, performance analysis, and often even sandboxing with signature-based scanning. Free antivirus usually consists of signature-based scanning only and as a consequence simply cannot offer the same level of protection as the paid-for products. Not to mention that with 30,000+ additional virus samples discovered each day, even the top signature scanners are struggling to keep up.

Virus Bulletin's VB100 award is another test that is often subject to controversy and whose results are generally misunderstood. The VB100 is one of the oldest running antivirus detection assessments and relies heavily on something known as the WildList. The WildList is a collection of malware that has been vetted by at least two separate journalists.

If you are looking to buy antivirus or anti-spyware software, the VB100 assessments set a minimum bar. If a product is routinely submitted to Virus Bulletin for testing, you can be confident that the scanner is genuine, of good standing, and that its vendor is making every effort to ensure the quality and capability of its scan engine. Trend Micro is one of the rare vendors that refuses to participate in the VB100 testing, having announced a 'boycott' following alleged consecutive failures on the tests.

The VB100 tests also include checking for false positives, erroneous detections that can be extremely troublesome and often even costly to customers. One false detection of a genuine document, and the scanner fails this part of the VB100 testing. Vendors that routinely submit scanners for VB100 testing work hard to make certain false positives do not occur.

Perhaps most importantly, the VB100 assessments measure both on-demand (pure signature) and on-access (real-time) protection. Real-time protection is where practical features such as behavior analysis kick in. The on-access assessments are the closest approximation of the real user experience and consequently play an essential role in determining the suitability of an antivirus scanner. In other words, while the number of malware samples tested might appear inadequate given the more than 3 million pieces of malware around today, the assessments are rigorous and provide a very valuable means to separate the wheat from the chaff, something not every test service is able to do.
