Well that is a 1st ... it's been getting better and better every year but kudos to MS for detecting everything, scoring well on performance and also no false positives... however, doing something once or twice, that the leaders do every test, does not a competition make. It's all about consistency ... and to date, Defender has yet to show that. As time goes on, it doesn't take anyone much time to just copy everyone else's detection schemes.
1. I'll pay attention when they do it 12 times in a row.
2. To borrow a phrase, there are two types of folks in this world ... those who have been infected and those who haven't been infected yet.
3. If you read the actual test reports ....
a) Defender has 2 false positives last time (April) . How much time you gonna waste investigating / trying to remove ? Is your time worth $6 a seat ? That's one "decider" right there.. Spending 1 hour investigating a single false positive pays the AV subscription for 5 boxes for 6 years. Our systems oft detect "infections" years after the file came in. All of a sudden, a scan detects an infection and the file has been there ... 2, 4 heck 8 years after it was last opened. prolly had about 6 - 8 of these in last 10 years. I quarantine the file and I send it in to the vendor ... within a day or 2, I get an answer back saying the file is fine and that they have updated the detections. Does MS do that ? If they don't what course of action is available to you ?
b) They also don't usually do well on the performance tests, usually having slowdowns higher than the industry average. This time they did well here but again consistency. To be fair, every vendor takes a hit here now and then.
4. What you do for your AV solution, like most other things, depends on what you are protecting .... if it's a gaming box and your time has no value for an OS reinstall and redownloading all your system games no big deal. But if you have 25 years of business records, 30 years of family photos, 35 years of CAD drawings ... assuming all your backups are intact, what is cost of bringing your home / small office box back on line ? What's the loss in billing rates at $60 - $180 an hour when an employee can't access a file in a small office ? Is it worth $5.50 - $7.50 per year ? Even a false positive is going to eat up an hour figuring out whether or not it's something to worry about. There's also the other things that come in the package ? Do any of those have any benefit ?
The privacy protections that prevent tracking ? * On our network, the average number of blocked tracking attempts per box exceeds 17,000 so far this year
Does the included backup and restore utility provide any additional value ?
Does the included Parental Control utility provide any additional value ? Prolly more so for office usage
Does the included software update utility provide any additional value ? *
Does the included financial transactions protection utility provide any additional value ? *
Does the included mail spam provide any additional value ? *
Does the included software monitoring utility provide any additional value ? *
Does the included banner utility provide any additional value ? *
Do the gaming, auto scheduling, battery features provide any value ? *
Does the included anti-keylogging features provide any additional value ? *
Does the included port monitoring utility provide any additional value ?
Does the ability to scan encrypted embedded web site connections have any value ? *
* Not part of Defender or Windows
I have not investigated this but is there a way to allow Defender to update itself while still allowing you to review all Windows Updates before they are installed? Without it, it's like nagware.
in short ... it's a risk / reward / cost analysis. AV / Malware protection consistency is proven over time... false positives and performance is better ... and the extra features and protections that Defender doesn't have save me time, reduce risk and the need to use other utilities to duplicate these functions.
I heard claims that Defender is performance hungry or something. No idea if it's true.
This time it beat industry average ... last test, didn't do so well.
3x per day.
I just checked... last update it did was 7 am on Sunday. I see that I can set it to download updates before each scheduled scan and that I can set it to scan up to once a day.
My beef with Defender is that because it comes bundled, it is the default target for an attacker.
My beef with free AV alternatives is they nag you about upgrading at a reduced price.
And because of the above, of course my beef with paid AV alternatives is they're too expensive.
Many of the free ones also require manual updates
You can get deals as low as $5.50 a seat, tho $7.50 is more typical for small groups.
We negotiated a deal some years back for my professional society ... $2 a seat ... also done with boy scouts etc. We recommend getting 5 folks together and doing 5 or 10 seats for 3 years which averages out to about $5.50 a year for 10 and $7.50 for 5 seats. My son shares a house with 2 friends and they got a 3 year pack of 5 seats for them and 2 of their GFs.... averages out to $7.49 per box per year. One of the GFs had her banking data stolen some months before via keylogging which is something she no longer has to worry about.
Have you ever heard that it's better to be safe than sorry? I'd rather have something be detected as a false positive than to have the malware run roughshod over my system and my data.
The "better safe than sorry" cliche has no relevance to this discussion. While Defender has managed a very commendable spotless detection rate in the last 3 months (7 false positives), that's as far back as it goes.
In the last 24 months ... 25 Zero-day infections and 158 known widespread infections got thru Windows built-in AV while experiencing 120 false positives
In the last 12 months ... 4 Zero-day infections and 50 known widespread infections got thru Windows built-in AV while experiencing 21 false positives
In the last 6 months ... 0 Zero-day infections and 11 known widespread infections got thru Windows built-in AV while experiencing 10 false positives
No vendor has a philosophy which says sacrifice detection in exchange for not getting false positives ... MS had 100% detection and 0 false positives in 2 consecutive months and they deserve credit for that ... that being said, it's the 1st and only time they have managed this. There are vendors who manage 100% detection 12 times a year, year after year and maybe get a 1 or 2 false positive a year ... Kaspersky has had 0 infections and 4 false positives in the last 24 tests. So while it's extremely encouraging that Defender has looked pretty good over the last 3 months ... Kaspersky has 0 infections and half as many false positives in 24 months as Defender has shown in last 3 months.
If the last 3 months performance continue, I won't feel compelled to advise folks to think twice before going with Defender alone. Again, 'think twice' is not a negative recommendation ... just "think about if it's the best long term option for your specific instance". If going with Defender, still would say:
a) Download a copy of the 30 day free trial of Kaspersky and / or BitDefender and keep on ya HD... doesn't cost ya a dime, and ... if something gets past Defender, you have something on hand. Worst case you take the HD out of the box and clean it in a USB HD dock connected to another system. Over the years, whichever I was using I always had the other install program on a HD so that I would have a backup option.
b) Try out one of the paid apps for 30 days ... even if you have little to risk with slightly less protections, see if the extra features are worth skipping a trip to Starbucks for a Latte and a Blueberry Muffin
Also wanted to note as it's been mentioned... Malwarebytes scored a 2.0 / 6.0 on protection in last test.
It's also worth noting that Defender's performance in the most recent tests is more impressive than it otherwise would be in that ONLY 4 vendors (Kaspersky, Defender, TrendMicro and Norton) scored perfect scores on detection. Only 2 of those had 0 false positives (Defender and Kaspersky). This month, that puts Defender on par with the industry's best historical performer which will quiet a lot of critics, if that level of performance can be maintained over time.
BitDefender had an off month with 4 zero day malwares getting thru and 4 false positives. It would seem that the days of criticizing Defender for how well it does what it does are about to sunset. The discussion will now shift to what it doesn't do and whether having those features are worth $5.50 - $7.50 a year from a 3rd party vendor.