eThreatz Automated Malware Testing

Review by Enex TestLab

Introduction

Every month we will be publishing the results of our Enex TestLab eThreatz comparative real world test of eight anti-malware products marketed for the SME sector of business.

eThreatz six-month round-up: Malware innovation outpacing security defences, eThreatz testing shows

The products under eThreatz test will be:

  • Symantec Endpoint Protection for Small Business
  • Sophos Anti Virus
  • Kasperski Small Office Security
  • Microsoft Security Essentials
  • Trend Micro Worry Free Business Security Standard Edition
  • eSet NOD 32 Antivirus
  • Panda Security for Business
  • McAfee Endpoint Protection Suite

We will compare the anti malware products under real world conditions using live malware captured from our own honey pots immediately before the testing is carried out. Proven live threats using active attack vectors and benign internet based files will be sought, subsequently analysed, and reported on as percentages in the context of false positives, false negatives, true positives, and true negatives. All testing will be performed via the HyperText Transfer Protocol (HTTP). Enex TestLab will not manufacture or manipulate any malware samples. While an assessment of the security to performance impact ratio of each product under test is possible by Enex TestLab eThreatz, it will not be carried out as part of this standard testing process. A simplified generic example of the test architecture is shown in Figure 1.

Figure 1: Generic test architecture.

The architecture shown in Figure 1 will include a 'control' channel in addition to product offerings 1, 2, and 3. BASE (Behaviour Analysis System Environment) is used to execute and categorise files based on malicious or benign actions. DNA (Direct Network Automation) ensures that all product offerings under test make near simultaneous HTTP connections to each live website in the test set. The architecture ensures that malware and benign threats are captured, analysed, and compared to provide intelligence on which security component (shown in red text) blocks or allows specific files, and at what point in the security chain, depending on the parameters and purpose of the individual test.

The results will be published every month in summary form, freely available to all readers. In addition, a detailed Enex TestLab eThreatz report will be produced and be available by subscription from Enex TestLab.

For more information on Enex TestLab eThreatz anti-malware testing see http://www.enextestlab.com/web/guest/ethreatz

Tags anti-virus

1 Comment

day trading

1

each time i used to read smaller posts that also clear their motive, and that is also happening with this paragraph which I
am reading at this time.

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

ZENworks® Endpoint Security Management

Get Powerful Protection for All of Your Mobile Devices

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.