Comparative test of anti-virus products on Windows 7

Filed Under: Malware

VB100
The latest edition of Virus Bulletin magazine has described its recently published investigation of 43 anti-virus products on the Windows 7 platform their "biggest month of testing ever", producing an exhaustive 27 page report examining the detection abilities of different security solutions.

Not only does the December 2009 edition of Virus Bulletin award Sophos Endpoint Security the prestigious VB100 award for detecting all the in-the-wild viruses without false alarming, but Sophos also achieved a perfect 100% score against worms, bots and polymorphic malware. This meant that Sophos outperformed a number of other products which failed to detect 100% of the viruses in the wild.

Even more impressive, from Sophos's point of view, was Sophos's performance in Virus Bulletin's RAP ("Reactive and Proactive") test, helping users form a better impression of the heuristic and generic proactive detection capability of security software - in particular how well products perform against malware that appears after vendors have submitted their products to Virus Bulletin for testing.

Yes, that's right - this was the malware which emerged once Virus Bulletin had our software and had frozen its ability to update itself. In other words, Virus Bulletin was testing each product's ability to proactively detect unknown malware.

VB RAP chart, comparing reactive and proactive performance against malware

In this test, harder than any other, Sophos achieved a higher ranking than any other product tested with 73.2%.

Virus Bulletin commented on Sophos's performance:

"Detection rates were particularly good in the RAP sets where some excellent figures were noted, especially in the proactive set; we observed enormous numbers of detections being covered by a relatively tiny number of unique identities, so it seems like Sophos's focus on generic coverage is paying dividends."

As a comparison, McAfee and Symantec scored 53.98% and 17.66% respectively in that same proactive test.

With both a VB100 win, and an extremely impressive performance against unknown malware you can understand why our marketroids might wish to toot the Sophos horn.

This is the 49th time Sophos has won the VB100 award from the independent testers at Virus Bulletin for its protection capabilities. You can find full details of the review in the December 2009 edition of Virus Bulletin magazine (Sorry, I think you may need to be a paid-up subscriber to VB to read the full report, but a summary can be read here).

, ,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.