Basically, NortonLifeLock Norton360 and Webroot Antivirus failed to block 2 samples. While Comodo Antivirus failed against 6 samples and Panda Free Antivirus failed against 8 samples. I wonder why Comodo didn't sandbox these samples? https://selabs.uk/reports/endpoint-security-eps-home-2024-q2/
I wonder if Cruelsister can comment on this? Shouldn't Comodo AV sandbox unknown files, even if it can't identify them as malware? Or do you believe they turned off the sandbox?
Reading through the methodology used (as much as was published), I question as to the product choice made for Comodo (why Comodo Antivirus?). I'm actually surprised that the rating for it was as high as published as this little used version is a rather large step down from CIS/CF in terms of protection. Also I wonder if what is occurring in Containment (like data collection) versus what occurs on the actual system was taken into account. Anyway, looking at the products that received 100% grades on may notice that whose products that rely solely on definition based detection did very well which gives a clue on the quality and timeliness of the malware utilized in the test.
I inserted little or equally would inserted the term, very brief. I also read the PDF via @Rasheed187's URL. Would like to have seen the whitepaper results IN FULL or a somewhat more detailed particular. Completely agreeable, How can it not be? Well we are deep inside the age of marketing and when configured with Defaults, given the Samples used in their testing's, by ANY Lab, each session testing and their published released product results, it's always going to be a musical chairs continually changing best or top results position, Which we are to assume it's about position (as well as marketing strategies)
I now see that they tested Comodo AV version 12.2.2.8012, is this an old version? But no matter if it's old or not, the question remains whether they have disabled the sandbox or not. In fact, I don't even know if it's enabled by default? But if the sandbox was enabled, then I assume it most likely would have contained the 6 samples that the AV missed, which should get them a point for neutralizing the malware.
