Tuesday, September 25, 2012

Virus Bulletin RAP Averages Quadrant, February 2012 through August 2012



Virus Bulletin has released their latest RAP Averages Quadrant, representing February 2012 through August 2012.

The Top 10 (some eyeballing necessary):

  1. Coranti (a clear first among the top 10)
  2. Huari (a clear second among the top 10)
  3. Tencent
  4. Lavasoft
  5. BitDefender
  6. G Data
  7. Avira Pro
  8. TrustPort
  9. Emsisoft
  10. Avira Free

These products scored above 90% on Reactive and above 80% on Proactive Detection.  Auslogics, BullGuard, and ESTSoft dropped out of the top ten in the latest test. BullGuard came close, however.

The Top 10 from the October 2011 through April 2012 Report

  1. Coranti
  2. Coranti Cora
  3. Auslogics
  4. TrustPort
  5. G Data
  6. BullGuard
  7. Avira Pro
  8. ESTSoft
  9. Tencent
  10. Avira Free 

The bottom six in the latest test, from “highest” to “lowest”: Commtouch, Frisk, Quick Heal, Iolo, Total Defense Business, and UnThreat.  Iolo had the worst Reactive detection at 62% and UnThreat the worst Proactive Detection at 40%. Neither Trend Micro nor Symantec was part of the test.

This provides some more useful information in evaluating the relative strengths of the products.  It obviously wins out over the wisdom of Facebook fans clicking on like!  The relative performance can best be viewed by looking at the RAP Averages Quadrant chart at


Subscribers to Virus Bulletin's publications have access to more details on the results.

RAP Averages Quadrant

This test measures products' detection rates across four distinct sets of malware samples.  The first three test sets comprise malware first seen in each of the three weeks prior to product submission.  These measure how quickly product developers and labs react to the steady flood of new malware emerging every day across the world.  A fourth test set consists of malware samples first seen in the week after product submission.

About Virus Bulletin www.virusbtn.com

Virus Bulletin started in 1989 as a magazine dedicated to providing PC users with a regular source of intelligence about computer malware - its prevention, detection, and removal.   
 

Virus Bulletin VB2012 Conference – Dallas, Texas



Dallas, Texas is antivirus and anti-malware vendor ground zero this week.  Virus Bulletin’s VB2012 conference is taking place in the US for the first time since 2004.  A substantial number of major antivirus and anti-malware vendors attend this function, as well as customers.  Delegates range from dedicated anti-malware researchers to security experts from government and military organizations, legal, financial, and educational institutions, and large corporations. This is an annual event, put on by Virus Bulletin.
 
This isn’t three days of drinking and partying.  Well, okay. This is Texas, so there will be drinking and partying, after six hours of daily presentations.  Despite the fact that this is in Texas, there won’t be a plethora of black hats and dinner-plate-sized belt buckles.  The word "fixin'" will be in short supply. There also won’t be a lot of “boot skootin’” at the evening events.  A higher probability of Gangnam Style dancing, perhaps, at the cabaret the second evening of the conference.

Attendees at the event will have a selection of presentations each day of the three-day conference from customers, academia, and vendors. Topics include “On temporal drift in malware families”, “how to test properly: comparative web filter tests”, “a little bit about the freemium phenomenon from the proud beer provider” (gotta love Czech Republic-based Avast. Pivo, prosim!), “Linux mass infection tools”, “Identifying social malware”, and “Russian hackers, proxy resellers, and rootkits”. Attendees will have their choice of about sixteen presentations daily, as well as having time to chat with vendors sponsoring the event.  These aren’t sales presentations! The conference program caters to both technical and corporate audiences.  The link below leads to abstracts of this year’s presentations.

 
Gratuitous plug for the Platinum Sponsors - Avast, ESET, and Qihoo 360.  

All attending will have an educational time.  Next year’s event will be in Barcelona.

More than one company has been “surprised” by failing Virus Bulletin’s VB100 test (done several times per year).  In fact, some major vendors no longer participate.  Virus Bulletin also puts out a Reactive and Proactive RAP Averages quadrant four times annually, plotting Reactive Detection versus Proactive Detection.  In addition, people who look at this may be surprised to see that the major vendors aren’t necessarily the best performing.  You won’t find Symantec or Trend Micro on this chart. 

Virus Bulletin www.virusbtn.com
 
Virus Bulletin focuses its efforts in three main areas: a monthly magazine, an annual conference, and bimonthly product certification.  


Sunday, September 23, 2012

Internet Security 2013, Antivirus 2013 – The Competitive Upgrade Swap



Internet Security Suite 2013 and Antivirus 2013 products have been rolling out for the last several weeks, keeping publications such as CNET, PC Magazine, PC World, and PC Pro busy testing and writing reviews.  It’ll be a while before the major test organizations test and publish their results.

Nonetheless, you may be unhappy with your Internet Security 2012 or Antivirus 2012 solution.  Your laptop may have caught a virus.  You may have read a review of another vendor’s product and said, “I must have that, but I’ve paid for ‘fill in the blank’ Internet Security 2012 already.”  Three words - free competitive upgrade.

Look at ads from your local Fry's, Staples, or Office Depot, for example.  You may also want to look at online ads from these stores.  Below is what Fry's is offering (week of September 23) after competitive upgrade forms are mailed in (watch for the deadlines!).  Note that the rebates are often in the form of pre-paid debit cards.

  • BitDefender AntiVirus Plus 2013 – Free  
  • GFI Vipre Internet Security 2013 - Free
  • Kaspersky Pure Total Security - Free  
  • Trend Micro Titanium Premium Security 2013 – Free  
  • McAfee Internet Security 2013 - $4.99
  • Norton Antivirus 2013 - $4.99 
  • AVG Internet Security 2013 - $14.99
  • ESET Smart Security 5 - $29.99 

Below are links to some Internet Security 2013 suite and Antivirus 2013 review results from CNET and PC Magazine.

 
 

Wednesday, September 19, 2012

Secureworld expo 2012, Decrypting the Mayan Code - Santa Clara Day 1 Musings



Day 1 of secureworld expo 2012, Decrypting the Mayan Code, in Santa Clara (Bay Area) was a lightly attended event.  None of the smaller sessions I attended on Day 1 were more than half-full.  The afternoon panel discussion was full, however.  There were more than sixteen sessions on Day 1, a combination of open sessions, 2-Day conference attendees’ sessions, and invitation-only sessions.  A sense of déjà vu over a past RSA San Francisco event.  The theme of the conference, “Decrypting the Mayan Code”

Some Observations

  • Opening Keynote – PCI in 2012 and Beyond.  More of the presentation was spent on promoting the organization than on where PCI was heading.  I learned that the speaker has a hearing-impaired dog.
  • Check Point Software - Security Blueprint talk - Good talk about Check Point’s security map without doing a technology deep dive.  Check Point delivers their technology “your way”, depending on whether you want an appliance, VMware, or you have fully imbibed the private or public cloud Kool-Aid.  They stated that their solutions provide comparable features, functions, and performance, regardless of the form factor in which you purchase or license their technology.
  • RSA - Authentication, Addressing a Changing IT Environment talk - Quick overview of some authentication alternatives.  Brief mention of “issues” RSA had in the past year with theft.  Other companies involved with authentication were in the audience (and identified themselves).
  • Panel discussion – BYOD; Laptops, Smartphones, Tablets, Oh My!  (Absolute, Air-Watch, Appsense, Good Technology, RSA) – A good discussion.  Well attended.  The consensus was that BYOD has taken off and there is no going back.  Now, it is a matter of protecting the data.  Members of the panel felt that there is an obvious positive ROI to implementing BYOD within the company.  Disagreement as to whether the growth has come from the masses demanding (or just doing) this, or from the executive offices demanding it.  One company more or less recommended the 80/20 suggestion for implementation.  Namely, that you could get 80% of what your company needs with 20% of the effort.  Much of the discussion used the briefcase motif.  If the employee owns the briefcase, how can you justify the company owning the lock if there is personal information in the briefcase?  The suggestion: consider the company having a smaller briefcase within the personal briefcase.  The company then would own that briefcase, the lock, the data, and the right to wipe/empty that briefcase of any information.
  • Little success in getting competitors to dis one another in the exhibitor area despite my gentle lobbing of hanging curves.  Fortinet stated that they had next generation firewalls (NGFWs) before Palo Alto Networks and that Palo Alto Networks took over the phrase (most people consider them the originator of the term).  Palo Alto Networks recognizes Websense (not at the event) as a competitor, but feels that their technology still provides a better solution (it also sounds as if Palo Alto Networks had a nice internal celebration when they had their IPO).  Riverbed: no discussion of interest.  Blue Coat: a tad sensitive.  When I asked what technology was under the hood of their DLP appliance (it appears not to be a DLP/Malware appliance as in the previous version), their initial response was a non-confrontational, “why are you asking that?”  They then mentioned that it was from Code Green.

For those who are interested – Tchotchkes!

In addition to the usual data sheets: tee shirt (leftover from Black Hat), commuter mugs, BPA-free water bottles, mugs with handles, pens, pens, pens, a transformer-like pen!, mobile phone holder, a ring-style Frisbee flying saucer clone, candy, and a sumo wrestler stress toy (very cool).
 
Casino break! 
Interesting listening to non-professionals explain the game and rules to those who had little experience with the games.

An advance screening of the movie “Code 2600” is scheduled for day two of the conference.

About secureworld expo 2012 – Decrypting the Mayan Code

This is a multi-city event.  Events are scheduled for Detroit, Dallas, and Seattle.