Product review: Seven integrated endpoint security products


This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing seven top integrated endpoint security suites."

Download it now to read this article plus other related content.

To gauge each vendor's ability to detect and block malware found in the wild, we ran three tests using 8,114 recent malware specimens from a private collection graciously provided by antispam researcher Bill Stearns. Our zoo included a large variety of worms, bots, backdoors and viruses. For each test, we recorded the percentage of specimens not eradicated in each round of testing (See "

Requires Free Membership to View

Antimalware Scanning Results," PDF).

ENDPOINTS | Antimalware Scanning
The good news
Trend Micro, CA and eEye all did very well, generally detecting and blocking or removing all but about 8 to 9 percent of the malware thrown at them.

The bad news
IBM ISS crashed several times, scoring so poorly as to cause us to double-check that the protection was enabled.
Our first test was designed to evaluate each product's real-time signature-based defenses by copying the malware from a hardened machine to a shared directory on the protected target system. We then recorded the percentage of malware specimens that made it into the target's file system, escaping detection by the product's real-time scanning capabilities.

We then performed an on-demand scan of all malware that survived our first test, to assess the combined real-time and on-demand scan capabilities for identifying and eradicating malware.

Finally, we conducted on-demand scanning independently by disabling real-time scanning, copying all malware to the target file system, and then executing a scan of the entire zoo.

Trend Micro, CA and eEye all did very well, generally detecting and blocking or removing all but about 8 to 9 percent of the malware we threw at them in all tests.

Antimalware Scanning Results

Click here for our Antimalware Scanning results. (PDF).

This was first published in November 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: