Corporate Partners

e-Threats Automated Malware Testing

Review by Enex TestLab


Every month we will be publishing the results of our Enex TestLab eThreatz comparative real world test of eight anti-malware products marketed for the SME sector of business.

eThreatz six-month round-up: Malware innovation outpacing security defences, eThreatz testing shows

The products under eThreatz test will be:

  • Symantec Endpoint Protection for Small Business
  • Sophos Anti Virus
  • Kaspersky Small Office Security
  • Microsoft Security Essentials
  • Trend Micro Worry Free Business Security Standard Edition
  • eSet NOD 32 Antivirus
  • Panda Security for Business
  • McAfee Endpoint Protection Suite

2014 2013 2012 2011
December  December  December  December 
November November November November
October October October October
September September September September
August August August August
July  July  July   
June June June  
May May May  
April April April  
March March March  
February February February  
January January January  


We will compare the anti malware products under real world conditions using live malware captured from our own honey pots immediately before the testing is carried out. Proven live threats using active attack vectors and benign internet based files will be sought, subsequently analysed, and reported on as percentages in the context of false positives, false negatives, true positives, and true negatives. All testing will be performed via the HyperText Transfer Protocol (HTTP). Enex TestLab will not manufacture or manipulate any malware samples. While an assessment of the security to performance impact ratio of each product under test is possible by Enex TestLab eThreatz, it will not be carried out as part of this standard testing process. A simplified generic example of the test architecture is shown in Figure 1.

Figure 1: Generic test architecture.

The architecture shown in Figure 1 will include a 'control' channel in addition to product offerings 1, 2, and 3. BASE (Behaviour Analysis System Environment) is used to execute and categorise files based on malicious or benign actions. DNA (Direct Network Automation) ensures that all product offerings under test make near simultaneous HTTP connections to each live website in the test set. The architecture ensures that malware and benign threats are captured, analysed, and compared to provide intelligence on which security component (shown in red text) blocks or allows specific files, and at what point in the security chain, depending on the parameters and purpose of the individual test.

The results will be published every month in summary form, freely available to all readers. In addition, a detailed Enex TestLab eThreatz report will be produced and be available by subscription from Enex TestLab.

For more information on Enex TestLab eThreatz anti-malware testing see

Join the CSO newsletter!

Error: Please check your email address.

Tags symantecmcafeeMicrosoft securitysecurityanti-viruskasperskypanda securityesetsophosTrendmicro

More about CSOEnex TestLabKasperskyMicrosoftPandaPanda SecuritySophosSymantec

1 Comment

day trading


each time i used to read smaller posts that also clear their motive, and that is also happening with this paragraph which I
am reading at this time.

Comments are now closed

Market Place