BluePoint Security VS early life malware samples Part 2
The Malware Research Group continues ongoing testing of newly released threats. BluePoint Security continues to innovate in the endpoint security space with excellent detection rates of newly released malware utilizing our revolutionary cloud based analyzation techniques. With BluePoint Security, there are no definitions to update. Our powerful real-time prevention engine puts an end to the update, scan and removal cycle. All threats are simply prevented from infecting your system in the first place.
"The purpose of this and the projects to come in this section, is to assess the effectiveness of a set of antimalware products against early life threats.
MRG, like other security organisations, receives a large number of zero day and early life samples every day. The majority of our behind the scenes testing and research has focused on this early life malware and the team has become almost desensitised to the fact that a good proportion of samples in our lab go undetected by nearly all security applications.
Whilst we must point out that a good proportion of what we see does not seem to circulate in the wild, there is no escaping the fact that it is zero day and early life malware that represents one of the greatest threats to IT users and systems.
2009 has seen a dramatic explosion in the number of unique samples of malware and the challenge security vendors face is to create signatures and / or devise other systems to counter this growing threat at a rate that at least keeps up.
There has been an increase in the number of “cloud” based antimalware applications and applications that include some cloud based or community component in an attempt to help increase the speed of detection and response. One of the purposes of these projects is to compare applications using cloud technology against the more traditional offerings.
Each week, we will select a batch of 250 early life samples and test our cohort of antimalware applications against them. The tests will all be live infection prevention tests. We will start each new project on a Monday and test the cohort every day for a week on the same batch of malware to chart detection improvements. The following Monday, we will start with a new batch of early life malware. After a week of testing, the sample set will then be tested every seven days."
Test results. Samples missed out of 50:
The cloud based Anti-Malware products:
• Bluepoint Security 1.0.0.75 - PASSED
• Immunet Protect Beta 1.0.18 - FAILED (missed 1 sample)*
• Panda cloud Beta 3 - FAILED (missed 1 sample)
• Prevx 3.0.5.10 - FAILED (missed 2 samples)
The traditional Anti-Malware products:
• A-Squared Anti-Malware - PASSED
• Avira AntiVir - PASSED
• Kaspersky Antivirus - PASSED
• Microsoft Security Essentials - FAILED (missed 11 samples)
• Nod32 - FAILED (missed 5 samples)
The complementary Anti-Malware products:
• IOBit Security 360 missed 49 samples
• Malwarebytes Anti-Malware missed 5 samples
Read the full review here