Testing of security software improves again

Past posts about testing anti-virus products have shown how simple detection tests do not always paint the complete picture. A recent test by AV-Test.org has shown that there is more to testing than just raw detection numbers. The full details about the test can be found at Sunbelt’s excellent blog, so I won’t repeat them here. The article explains how the tests were conducted and the results achieved.

Two PDFs are available with the breakdown of all the companies chosen to participate.

The first PDF shows the overall results for 5 different categories tested. The categories are:

  • detection rate
  • false positives
  • proactive detection
  • response time
  • rootkit detection.

The scoring system uses ++, +, 0, -, -- to go from best to worst.

Sophos is one of only five companies (28 were tested in total) to score ++ or + in all the categories.

In these new tests, the highlight for Sophos is our proactive detection, which gets the best rating available and beats offerings from Kaspersky, McAfee, Symantec and Trend Micro. The guys in the labs and development have put a lot of effort into the design of behavioral genotypes and the HIPS capabilities of the products, and this test reflects just how worthwhile that effort has been.

The other categories show Sophos to have:

  • a detection rate of just under 98% over more than 1 million files – full detection rates are available in the second PDF.
  • just one false positive in 65,000 files
  • response times of between 2 and 4 hours
  • just 1 miss in the rootkit detection test.

This type of testing better reflects the needs of customers when making informed decisions about which product to buy. I believe you can expect to see many more of these types of tests in the future.