Corporate Partners

e-Threats Automated Malware Testing

Review by Enex TestLab



Every month we will be publishing the results of our Enex TestLab eThreatz comparative real world test of eight anti-malware products marketed for the SME sector of business.

eThreatz six-month round-up: Malware innovation outpacing security defences, eThreatz testing shows

The products under eThreatz test will be:

  • Symantec Endpoint Protection for Small Business
  • Sophos Anti Virus
  • Kaspersky Small Office Security
  • Microsoft Security Essentials
  • Trend Micro Worry Free Business Security Standard Edition
  • eSet NOD 32 Antivirus
  • Panda Security for Business
  • McAfee Endpoint Protection Suite

2015 2014 2013 2012 2011
  December  December  December  December 
  November November November November
  October October October October
  September September September September
  August August August August
  July  July  July   
  June June June  
  May May May  
  April April April  
  March March March  
  February February February  
January January January January  


We will compare the anti malware products under real world conditions using live malware captured from our own honey pots immediately before the testing is carried out. Proven live threats using active attack vectors and benign internet based files will be sought, subsequently analysed, and reported on as percentages in the context of false positives, false negatives, true positives, and true negatives. All testing will be performed via the HyperText Transfer Protocol (HTTP). Enex TestLab will not manufacture or manipulate any malware samples. While an assessment of the security to performance impact ratio of each product under test is possible by Enex TestLab eThreatz, it will not be carried out as part of this standard testing process. A simplified generic example of the test architecture is shown in Figure 1.

Figure 1: Generic test architecture.

The architecture shown in Figure 1 will include a 'control' channel in addition to product offerings 1, 2, and 3. BASE (Behaviour Analysis System Environment) is used to execute and categorise files based on malicious or benign actions. DNA (Direct Network Automation) ensures that all product offerings under test make near simultaneous HTTP connections to each live website in the test set. The architecture ensures that malware and benign threats are captured, analysed, and compared to provide intelligence on which security component (shown in red text) blocks or allows specific files, and at what point in the security chain, depending on the parameters and purpose of the individual test.

The results will be published every month in summary form, freely available to all readers. In addition, a detailed Enex TestLab eThreatz report will be produced and be available by subscription from Enex TestLab.

For more information on Enex TestLab eThreatz anti-malware testing see

Join the CSO newsletter!

Error: Please check your email address.

Tags symantecmcafeeMicrosoft securitysecurityanti-viruskasperskypanda securityesetsophosTrendmicro

More about CSOEnex TestLabKasperskyMicrosoftPandaPanda SecuritySophosSymantecTrend Micro

Market Place