SECURITY
78 MARCH2020|COMPUTERSHOPPER|ISSUE385
T
estingsecurity softwaremeansturning
totheexperts. Thisyear allourtests
wereperformedby SELabs(selabs.uk),
runby SimonEdwards, whousedto workfor
thisvery magazine.
SELabs usestheAnti-Malware Testing
Standards Organization (AMTSO)standard
fortesting.Thatmeansall theproducts have
been testedthoroughlyin such awaythat the
results demonstrate real-worldperformance.
All productsaretestedusingadoubleform
of attack.First,thereare threatscollectedin
thewild,which meansthekindsofthreatsto
which yourcomputerisexposed.Theseshould
berelativelystraightforwardforaproduct to
deal with.Second, products areexposed to
targetedattacks,similarto thosethat
cybercriminalswould use.Ineffect,thetests
aretheretoseeif thesoftwarecan protect
againstbothknownattacks (traditional
malware)and direct attacks, whichare
becoming more popular.
All software is tested in real-worldterms,
withafullinternetconnectionso that software
canuseanycloudservicesanddownload
updates.Testingmalware withoutalive
internetconnectionmassivelydistortsresults
and, giventhat mostinfections takeplace
whenyou’reonline, thistestingmakessense.
PROTECTION DETAILS
Afterbeing exposedtoathreat, thecomputer
isanalysedfullytosee whathappened.
Thereare threemainoutcomes:thethreat
wasblockedimmediately;thethreat was
neutralised,whichmeans that athreat madeit
ontoacomputerbutthemalicioussoftware
waskilled beforeitcoulddodamage;or the
machinewascompromised andthedangerous
softwarewasallowed ontothecomputer.
On topof this(notshownin thegraph on
theoppositepage),it’spossible forsoftware
todetectathreat that itdoesn’thave the
capabilitiestodefendagainst.Thisstill
countsasacompromise,buthavinga
warningwouldat least letyou tryandclean
your computerafterwards.
We’ve plottedthedetailsin thegraph on
theoppositepage. As youcan see,thetop of
thegraph isverytight,withF-Secure Safe and
TrendMicroInternetSecurity blockingall
threats.Comodo InternetSecurity,Kaspersky
InternetSecurity,SophosHomePremium
and SymantecNortonSecurity allblocked 99
threats,and neutralised theremainingone.
Aswemove downthegraph,theprotection
rate isstill good, butthesoftwarewas
compromised inat leastoneincident,while
theblockingrate drops. Rightat thebottom,
wehavetopointoutG-DataInternetSecurity,
which wascompromised fivetimes,and
WebrootAntivirus,whichwascompromised
astaggering 19 times.
LEGITIMATE SOFTWARE
Aswell asblockingreal threats, it’simportant
that security softwareallowslegitimate
softwaretobeinstalled. To test this,aseriesof
legitimate softwareisinstalled, downloaded if
possiblefrom themanufacturer’swebsite,and
ignoring anysoftwarethat has adwareinit.
The softwarewassortedintocategories
basedonhowprevalentitwas:blocking
GoogleChrome isway worse thanstopping an
obscureutility.Fromthesecategories, security
softwarelostscoresfrom aperfect736 based
onthetypeofsoftwarethat itblocked.All the
securitysuites allowedalllegitimate software,
bar F-Secure Safeand downwardsonthe
graph opposite,bottomleft. Onceagain,
Webrootwas bottomof thepack.
TOTAL ACCURACY
To workout atotal accuracy rating, the
softwarewasscoredbasedonhowwell it
defendedagainstanattack,withsoftwarethat
blocked scoringhighlyand softwarethat
allowed acomputertobecompromised
getting heavily penalised. Inaddition, the
scoresforlegitimate softwarewereincluded.
These totals allow youtoseehow well each
bitof softwarestacks up.
Asyou canseefrom theresults, it’sclose
at thetop,with thetopfourproducts
(KasperskyInternetSecurity,Sophos Home
Premium, SymantecNortonSecurity and
F-SecureSafe)offeringverysimilaroverall
protection.Belowthis, results aregood,but it’s
worth checkingoutthegraphsto seeifanyof
thesoftwarewascompromised.
It’snosurprise that WebrootAntivirus
came bottom,withits combinationof poor
detection and poorlegitimatesoftware
detectionmassively holding itback.
SECURITY SOFTWARE ON TEST
WE FIND OUTHOW EACH SOFTWARE PACKAGEPERFORMSAND
HOWWELLITSTANDSUPTODIFFERENT LEVELS OF ATTACK
ABOVE:The security suites on test were exposed to real-worldthreats and targeted attacks to rate theirefficacy
