Of LoLBins, 0-Days, ESET, and Microsoft Defender
<blockquote data-quote="ForgottenSeer 109138" data-source="post: 1083249"><p>ESET, much like CIS, is not designed to be run out of the box, "hence the elaborate settings", even though it has default settings for average users. Those are a mix of security and usability. Demonstrating if a product misses something legitimate, without demonstrating its capabilities, is pointless. Being advanced enough to use the product to its fullest capabilities is another matter altogether, which is much like not testing it that way. </p><p></p><p>How high of a detection rate does one product have to have to become usable for average users? I have read it can be as high as 99.8 percent of almost all widespread malware. I see users here that agree that they have not had an infection in ages just using default securities, liking these posts. I'm unclear as to why when these products are being tested in a manner that resembles parlor tricks. </p><p></p><p>Microsoft is fully aware of its issues and LOLBins and their vulnerabilities. Lists for these have been around since the early 2000s and used by a lot of products including yours. Microsoft itself has pointed out, and it is also something understood in the enterprise arena, that with LOLBins the best solution is, if it's not being used, disable it. </p><p></p><p>That said, MS Defender is also known to have FPs as well from such detections as you described. </p><p></p><p>Bottom line here is not that the file could be used for something, it was not fitted with a malicious payload nor did it actually commit any malicious actions other than it's not common to be used, but again, the detection by Microsoft was a generic response to this "possibility", so props up to it flagging a benign file, but it is not an indicator the other product failed. Nor would I suggest users remove this product because they watched this test and think it failed.</p></blockquote><p></p>