Home > Projects > Proactive Security Challenge 64

Proactive Security Challenge 64

• Introduction
• Results and comments
• Testing levels
• List of products
• Archive of results
• My leaks
• Frequently asked questions

Introduction

Contents:

• Latest news
• Introduction
• Methodology and rules
• How you can help us
• For vendors
• News archive

Latest news

• 2014-12-08: New results have been published for:
  • avast! Internet Security 2015.10.0.2208
  • Dr.Web Security Space 10.0.0.12011
  • ESET Smart Security 8.0.304.0
  • Panda Global Protection 2015 15.0.4

  ESET Smart Security is the winner for today. Not only that it scored much better than all other products tested today combined, but most importanly, it was the only product that improved its score from its previous version. This product is slowly, but consistently, improving, which is rare among today's security suites. A common pattern that we see more and more often is that a new UI design is the primary thing in new versions of security products and no significant improvements are made on the security field. This does not hold for ESET. Yet still there is a long way to go for this product to play on par with the best. 67 % this time.

  No improvements over the previously tested versions were found in Dr.Web Security Space and avast! Internet Security. Dr.Web does implement more behavioral based protection features than most of security products, but it is simply not good enough yet and major improvements are still needed. 24% for Dr.Web is nothing to be proud of. Especially, if this is the same score as previously. Not much to be said about avast!'s 8% performance. Same as before, nothing interesting.

  The last for today and the worst overall is Panda Global Protection. It almost made it to the unbeatable 0% score, but somehow it managed to get 1 %. The worst among bad, that's Panda.

• 2014-11-01: New results have been published for:
  • F-Secure SAFE Internet Security 2.15.358
  • McAfee Total Protection 2015 13.6.1367
  • VIPRE Internet Security 2015 8.0.3.3
  • Zillya! Internet Security 1.1.4324.0

  None of the products tested this time, including a new product called Zillya! Internet Security, performed well. In fact, VIPRE and Zillya! share the last position in Proactive Security Challenge 64 with only 2 % final score. F-Secure SAFE Internet Security scored 6 %, McAfee Total Protection scored 3 %. It seems to be a new trend on the field of Internet security suites – to come with a fancy new Metro interface and no improvements in protection. There are still too few products among which an advanced user can choose.

• 2014-09-21: New results have been published for:
  • FortKnox Personal Firewall 11.0.505.0
  • Norman Security Suite PRO 11.00
  • Privatefirewall 7.0.30.3
  • SpyShelter Firewall 9.2

  SpyShelter Firewall improved a little bit again and with its 89 % it tied for third place in our challenge with Kaspresky Internet Security. It jumped over Privatefirewall, which kept its 88% score. Unlike Privatefirewall, SpyShelter Firewall is still under very active development and we can expect further improvements in the future. On the field of HIPS security, we believe SpyShelter Firewall will chase the top two products (Outpost and Comodo) soon.

  On the opposite side, no improvement is expected from FortKnox Personal Firewall and Norman Security Suite PRO. These products confirmed their positions among the worst by reaching 4% score.

Introduction

This project examines security software for Windows OS that implement application-based security model – i.e. most of the products called Internet security suites, personal firewalls, HIPS, behavior blockers, and similar products on the market. A product must meet some fixed criteria in order to be included in this project. The list of products suitable for this project that we are aware of is available on the product list page.

The goal of this project is to evaluate various abilities of security products to protect the user's data and the operating system based on the application behavior control and similar features. A product that succeeds in Proactive Security Challenge 64 is able to block well known techniques used by malware to steal or corrupt the user's identity or data, to infect and persist in the system, to participate in botnets, and to circumvent the protection implemented by the security product itself.

Methodology and rules

Installation and configuration

The tested products are installed on a virtual machine running Windows 7 Service Pack 1 with Internet Explorer 9 set as the default browser and with UAC turned off. The products are configured to their highest usable security settings and tested with this configuration only. We define the highest usable security settings as follows. The user must be able to do the configuration of the product without need of expert knowledge of the operating system and the computer security. This means that the user, with the skills and knowledge we assume, is able to go through all forms of the graphic user interface of the product and enable or disable or choose among several therein given options, but is not able to think out names of devices, directories, files, registry entries etc. to add to various table of protected objects manually, not even if such a configuration is suggested on the product's support forum or website. The product is configured to interact with the user as much as possible, reducing the number of automatic decisions made by the product as much as possible. To meet the usability requirement it must be possible to use the computer with the configured product for all legitimate tasks as if there was no security product installed. It is also required that the user is not forced to predict behavior of any unknown application and that under normal circumstances (i.e. no malware attack is in the progress) and once the product is set up properly, the product does not bother the user too often.

Testing levels

There are several testing levels in Proactive Security Challenge 64. Each level contains a selected set of tests and it also contains a score limit that is necessary to pass this level. All products are tested with the level 1 set of tests. Products that reach the score limit of level 1 and thus pass this level will be tested in level 2 and so on until they reach the highest level or until they fail a limit of some level.

Testing suite and scoring

Proactive Security Challenge 64 uses tests from Security Software Testing Suite 64 only. All the tests in this suite are available with source codes. Using the open set of tests makes the testing transparent as much as possible. For each test the tested product can get a score between 0 % and 100 %. Currently, all the tests can be simply passed or failed only and so the product can get 0 % or 100 % score only. It should be noted that the testing programs are not perfect and in many cases they use methods that do not guarantee recognizing whether the tested product passes or fails the test. This means that it might happen that the testing program reports that the tested system passed the test even if it failed, this is called a false positive result. The official result of the test is always determined by an experienced human tester in order to filter false positive results. The opposite situations of false negative results are rare and are also eliminated by the human tester.

All tests on the levels a tested product reaches are run at least once. If a product passes a test, this test is repeated at least once in order to mitigate false passing. For more information about the testing process see the testing guidelines.

Every test has a defined type. Tests of the same type usually attempt to achieve the same goal. Here is a list of the defined types and their goals:

• Leak-test: Leak-tests attempt to send data to the Internet server, this is called leaking. Most of the leak-tests from Security Software Testing Suite 64 are configured to use a script on our website that logs leaks to our database by default. For such tests, you can use the My leaks page to see whether the test was able to transmit the data. For leak-tests that do not use this script, we use a packet sniffer in unclear situations. In order to pass many leak-tests, the tested product has to implement various host protection features.
• Spying test: These tests attempt to spy on users' input or data. Keyloggers and packet sniffers are typical examples of spying tests. Every piece of the data they obtain is searched for a pattern, which is defined in the configuration file. These tests usually succeed if the given pattern has been found.
• Autorun test: These tests attempt to install themselves to the system in order to ensure they will be started again. The most common goal of autorun tests is to survive the reboot. Such a system infection is typical for almost all kinds of malware. The tested product fails the autorun test if the test is able to ensure that it, or its part, code, or action, will be started in the future again.
• Self-defense test: This category of tests include various attacks against the security product itself. Termination tests are the first subtype of tests that belongs in this category. These tests attempt to terminate or somehow damage processes of the tested product or their parts. The termination test usually succeeds if at least one of the target processes, or at least one of their parts, was terminated or damaged. Besides processes and threads, the security software usually relies on various files and registry entries. Tests that attempt to remove, destroy or corrupt these critical objects for the security product also belong to this category.
• Other: Tests that do not fit any of the previously defined types are of this type. For example, tests that maliciously modify the system can be found in this category.

The types of tests are defined for information purposes only. They do not determine the process of evaluation of whether the test was passed or failed. Each test implements one or more attacking techniques that can be used for various malicious purposes. A test implemented as a leak-test may use a more general technique that can be used to permanently infect the system. A tested product may be able to block the leak-testing part of the test and it still may fail the test because the core technique of the test may be usable for a different malicious purpose. It happens quite often that we use modified version of tests in order to check whether the tested product really protects against the specific attacking technique of the test or is just able to prevent the current test's implementation from succeeding.

All tests are equal to the intent that their scores are not weighted by their level or something else. The total score of the tested product is counted as follows. For all tests in all levels that the product did not reach, the product's score is 0 %. For all other tests the score is determined by the testing. The total score of the product is a sum of the scores of all tests divided by the number of all tests and rounded to a whole number. It may happen that a new test is added to Proactive Security Challenge 64 when some products already have their results. In such case, the result of this test for already tested products is set to N/A, which means that it is not counted for this product and does not affect its score or level passing. Neither the number of the tests, nor the number of levels is final. We may create new tests and levels in the future. We are also open to your ideas of new testing techniques or even complete tests.

Product's selection and vendors rights

Products for testing are selected from those that were requested for tests by their vendors or often suggested for tests by our visitors, more times than other products. If there are no such products, we will select products for tests ourselves, preferentially taking products that have not been tested at all yet and have a real chance to succeed in our tests. Every vendor has a right for its product to be tested in Proactive Security Challenge 64 for free once in a six months period and this right is valid only for stable and publicly available versions of the products. If a vendor offers more than one product it still has a right of only one free test per six months. Moreover, next free testing of a product will be performed no sooner than three months after the last free testing. This rule should prevent vendors from using Proactive Security Challenge 64 testing as a free beta testing service. We reserve the right to postpone the testing request and in exceptional cases also to completely refuse the testing request with or without a reason. The only exception from the free testing request rule is for vendors that offer a product with an anti-virus or an anti-malware engine and mark any of the tests of Security Software Testing Suite 64 as a virus, an infected code, an unwanted or a malicious application, or offend any part of the suite directly using pattern recognitions or any other form of blacklisting, or offend the Proactive Security Challenge 64 project in any other way. This approach deceives the users of such anti-virus or anti-malware engines and make the testing more difficult for us. The vendors who offend the testing suite have no right for free testing at all but can still request a paid testing.

Paid testing

Every vendor has a right to request the paid Proactive Security Challenge 64 testing, in which case its product will be tested in all levels regardless the results on each of the levels. After the vendor receives the results of the paid testing, it can either keep them private or request their publishing on our website, but such a request will be satisfied only if the previously published results for the tested product, if any, are at least one month old and if the tested version of the product is stable and publicly available. There are no limits of the frequency of the paid tests.

How you can help us

Do you enjoy Proactive Security Challenge 64? Do you want to help us but you do not consider yourself to be a security expert? Still you can help us! If you intend to buy a security software, you may be interested to buy one of the products we recommend in Proactive Security Challenge 64. Have a look at Products' ratings on the results page. The Recommendation column in the table contains links to the online stores or products' web pages of the vendors that we have affiliate agreements with. If you click on any of these links and then buy the tested product or other product offered on the target webpage, we will profit from it. So, if you are going to buy a security software and you like our projects, you can help us! Even if you have the licence already, we can profit if you prolong the licence after you visit the vendor's website through our recommendation links. Thank you!

The rules for the recommended products are simple. The first condition is that the product's Protection level is at least Very good, which means that its final score is at least 80 %. The second condition is that we have an affiliate agreement with its vendor. It is important to note that if the recommended product is retested and does not reach the 80 % limit, it will not be recommended anymore, at least not until the next retesting.

For vendors

We provide various services to vendors of security software. Besides the above mentioned paid Proactive Security Challenge 64 testing, we provide commercial testing based on the original methodology for advanced analyses. We also offer consulting services and research related to Windows internals, implementation of security software, design of security software, reverse engineering and malware analyses. Get more information about the services we offer.

News archive

• 2014-12-08: New results have been published for:
  • avast! Internet Security 2015.10.0.2208
  • Dr.Web Security Space 10.0.0.12011
  • ESET Smart Security 8.0.304.0
  • Panda Global Protection 2015 15.0.4

  ESET Smart Security is the winner for today. Not only that it scored much better than all other products tested today combined, but most importanly, it was the only product that improved its score from its previous version. This product is slowly, but consistently, improving, which is rare among today's security suites. A common pattern that we see more and more often is that a new UI design is the primary thing in new versions of security products and no significant improvements are made on the security field. This does not hold for ESET. Yet still there is a long way to go for this product to play on par with the best. 67 % this time.

  No improvements over the previously tested versions were found in Dr.Web Security Space and avast! Internet Security. Dr.Web does implement more behavioral based protection features than most of security products, but it is simply not good enough yet and major improvements are still needed. 24% for Dr.Web is nothing to be proud of. Especially, if this is the same score as previously. Not much to be said about avast!'s 8% performance. Same as before, nothing interesting.

  The last for today and the worst overall is Panda Global Protection. It almost made it to the unbeatable 0% score, but somehow it managed to get 1 %. The worst among bad, that's Panda.

• 2014-11-01: New results have been published for:
  • F-Secure SAFE Internet Security 2.15.358
  • McAfee Total Protection 2015 13.6.1367
  • VIPRE Internet Security 2015 8.0.3.3
  • Zillya! Internet Security 1.1.4324.0

  None of the products tested this time, including a new product called Zillya! Internet Security, performed well. In fact, VIPRE and Zillya! share the last position in Proactive Security Challenge 64 with only 2 % final score. F-Secure SAFE Internet Security scored 6 %, McAfee Total Protection scored 3 %. It seems to be a new trend on the field of Internet security suites – to come with a fancy new Metro interface and no improvements in protection. There are still too few products among which an advanced user can choose.

• 2014-09-21: New results have been published for:
  • FortKnox Personal Firewall 11.0.505.0
  • Norman Security Suite PRO 11.00
  • Privatefirewall 7.0.30.3
  • SpyShelter Firewall 9.2

  SpyShelter Firewall improved a little bit again and with its 89 % it tied for third place in our challenge with Kaspresky Internet Security. It jumped over Privatefirewall, which kept its 88% score. Unlike Privatefirewall, SpyShelter Firewall is still under very active development and we can expect further improvements in the future. On the field of HIPS security, we believe SpyShelter Firewall will chase the top two products (Outpost and Comodo) soon.

  On the opposite side, no improvement is expected from FortKnox Personal Firewall and Norman Security Suite PRO. These products confirmed their positions among the worst by reaching 4% score.

• 2014-08-06: New results have been published for:
  • Avira Internet Security 2014 14.0.6.552
  • Kaspersky Internet Security 2015 15.0.0.463
  • TrustPort Total Protection 2014 14.0.3.5256
  • Webroot SecureAnywhere IS Complete 8.0.4.104

  We have seen no significant improvements in products tested today. All the tested products reached roughly the same results as before. For Kaspersky Internet Security, this means confirmation of its 3rd position in our challenge with today's 89% score. For all three others, it means confirmation of their poor performances. Best of these was Webroot SecureAnywhere IS Complete that finished with 23 %. Then we have got Avira Internet Security with 9 % and TrustPort Total Protection with 8 %.

• 2014-06-23: A new response from Bitdefender, the vendor of Bitdefender Total Security, has been added.
• 2014-06-14: New results have been published for:
  • Bitdefender Total Security 2014 17.28.0.1191
  • G Data TotalProtection 2015 25.0.1.2
  • Norton Internet Security 2014 21.3.0.12

  Bitdefender Total Security slightly increased its performance, from its previous 7 % to today's 19 %. This is nice, but nothing more than that. The overall score is still very bad.

  Norton Internet Security and G Data TotalProtection have not improved since their last testing. 9 % and 4 % scores are unacceptable results.

• 2014-05-10: New results have been published for:
  • AVG Internet Security 2014.0.4577
  • BullGuard Internet Security 2014 14.0.279.6
  • Comodo Internet Security Premium 7.0.317799.4142
  • ZoneAlarm Free Antivirus + Firewall 13.1.211.000

  Comodo Internet Security 7 finished with the same score as previously tested version 6. It safely keeps its first place in Proactive Security Challenge 64 with 97 %, far ahead of the second Outpost Security Suite Pro with 90 %.

  Zonealarm Free Antivirus + Firewall version 13 also remained at the same score as in the previous testing – 34 %.

  Both BullGuard Internet Security 2014 and AVG Internet Security 2014 jumped up. BullGuard improved its score from previous 3 % to today's 16 %, which is rare, but much greater improvement would be needed for this product to become somehow interesting. But still, better than nothing and better than most ... AVG went also up, but just a little bit. From 3 % to today's 7 %, it means just minor improvements, AVG still remains among the worst.

• 2014-04-03: A new response from Agnitum Ltd., the vendor of Outpost Security Suite Pro, has been added.
• 2014-04-01: New results have been published for:
  • Arcabit Internet Security 2014.0.0.282
  • K7 TotalSecurity 2014 14.1.0.217
  • Outpost Security Suite Pro 9.1.4643.690.1951
  • Total Defense Internet Security Suite 9.0.0.134

  The latest Outpost, version 9.1, performed exactly the same as previously tested version 8. So, we still have Outpost on the second place in our challenge with its 90% score. We will probably have to wait for the next major release of this products to see some improvements.

  Total Defense Internet Security Suite also did not improve over the last time. A minor change in its implementation caused that it lost 1 %, compared to its previous testing, and so the latest version scored 30 % this time. It should be noted that testing of this product was quite hard because there were many bugs that caused that it behaved erratically.

  K7 TotalSecurity and Arcabit Internet Security (previously called ArcaVir Internet Security) also scored exactly the same as previously. For K7 TotalSecurity it means 9 % and for Arcabit Internet Security it means 4 %. Both products thus belong among the worst in our challenge.

• 2014-03-03: New results have been published for:
  • Ad-Aware Total Security 11.1.5354.0
  • Dr.Web Security Space 9.0.1.02060
  • ESET Smart Security 7.0.302.26
  • UnThreat Internet Security 2014 6.2.37.26892

  After a small pause due to extreme amount of work on our other projects we are back with Proactive Security Challenge 64 testing. Simply the best of today's four products is ESET Smart Security 7. Unfortunately, speaking about proactive host protection, we do not see any significant improvements in case of this product, so it still keeps its score of 55 %. Such a score is good enough to be among the TOP 10 products in our challenge, but still quite far from the performance of the few recommended products.

  All other three products tested this time belong to the red zone, including Dr.Web Security Space 9, which scored 24 % again. And also the remaining products Ad-Aware Total Security and UnThreat Internet Security kept their score from the previous testing, both at 3 %, no progress whatsoever.

• 2013-12-20: New results have been published for:
  • FortKnox Personal Firewall 10.0.505.0
  • McAfee Total Protection 2014 12.8.903
  • Panda Global Protection 2014 7.01.01

  All three products tested this time belong to a group of products that perform poorly in long-term and there are no indications that this should change in the foreseeable future. All these products reached the same score as their previously tested versions – FortKnox Personal Firewall 5 %, McAfee Total Protection and Panda Global Protection 3 %. We will retest these and similar products only when new major versions are released, and someday we will hopefully see a progress.

  Have a nice end of year 2013 and good luck in 2014!

• 2013-11-25: New results have been published for:
  • avast! Internet Security 2014.9.0.2008
  • Kaspersky Internet Security 2014 14.0.0.4651
  • SpyShelter Firewall 2.7

  avast! Internet Security, what happened? With the version 8 of avast! it seemed that it started to take proactive host protection seriously but now the new version 9 went back again. 32% to 8% score is a progress in the opposite direction than we would appreciate.

  Kaspersky Internet Security 2014 improved a little bit over its 2013 version and went up by 2 % to 88 %. Good job. However, the new version comes with a great reduction of information provided to the user in its pop-up dialogs, which makes it sometimes very hard to correctly understand its queries and subsequently make correct safe decisions on whether or not to allow certain actions.

  SpyShelter also improved by 2 % to current 87 % and is very promising for the future. Very well done here.

• 2013-10-29: A new response from Comodo Security Solutions, Inc., the vendor of Comodo Internet Security Premium, has been added.
• 2013-10-27: A single product update:
  • Comodo Internet Security Premium 6.3.297838.2953

  COMODO - Proactive Security - This configuration turns CIS into the ultimate protection machine. All possible protections are activated and all critical COM interfaces and files are protected. This is what Comodo's online help states and we have to admit that the latest version of Comodo Internet Security really is the ultimate protection machine. From its previous 92 % Comodo Internet Security jumped to today's 97 %, and is now very close to the perfect result. Comodo Internet Security raised the bar again and blocked many of the most complex attacking techniques that Security Software Testing Suite 64 offers. Comodo now leads the challenge 7 % ahead of Outpost. Great job and congratulations!

• 2013-10-18: New results have been published for:
  • ESET Smart Security 6.0.316.0
  • Jetico Personal Firewall 2.1.0.13.2471
  • VIPRE Internet Security 2014 7.0.6.2

  Only minor updates have been released to ESET Smart Security and Jetico Personal Firewall. No significant improvements have been implemented and this is why their overall performance in Proactive Security Challenge 64 remains on the same level (58 % for Jetico, 55 % for ESET this time). Both these products provide similar level of protection, far ahead of most of the tested products in our challenge, but still far behind the best. Jetico still suffers from its problems with "indirect relativeness" protection which does work sometimes but could cause major headaches to its users in case of malware infection of the protected computer. Unlike ESET Smart Security, it does not seem that Jetico Personal Firewall is under a very active development. This is evident from its release notes.

  VIPRE Internet Security also keeps its level of protection, but unlike the other two products, its proactive protection is really one of the worst in our challenge. 2 % again for VIPRE Internet Security.

• 2013-09-23: New results have been published for:
  • BullGuard Internet Security 2013 13.0.262
  • F-Secure Internet Security 2014 12.89.202
  • Webroot SecureAnywhere Complete 2013 8.0.2.174

  Webroot SecureAnywhere Complete 2013 scored 22 % – the best score among the products tested today. Yet still, this score is not good enough and Webroot SecureAnywhere Complete remains in the large group of products with the unsatisfying none protection level.

  F-Secure Internet Security 2014 is the first product marked with 2014 label in our test. It comes with a slightly improved protection against basic termination techniques and thus it finished with 5 %, which is 2 % better than its 2013 version.

  BullGuard Internet Security 2013 13.0.262 scored exactly the same as the old version and with the score of 3 % it stays deep in the red zone among the worst products in our challenge.

• 2013-09-08: New results have been published for:
  • Avira Internet Security 2013 13.0.0.4052
  • Dr.Web Security Space 8.2.1.08220
  • ZoneAlarm Extreme Security 2013 11.0.780.000

  Dr.Web Internet Security 8.2 added new autorun location rules and this improvement caused it to go up 13 % in the overall score from 11 % to its current 24 %. Definitely a good way to go, but why not to cover even more autorun locations? They are all very well known today and it should be no problem to add them to the ruleset. Implementing a parent process control or otherwise protecting trusted applications from being misused by untrusted would also help a lot.

  ZoneAlarm Extreme Security remained on its 34% score. It holds this position for quite a while now. It might be a good time to move forward and implement some additional protection. How about to review product's files and registry entries and secure them against malicious manipulation? There are a few other holes that could be fixed and move this product up in the score.

  Avira Internet Security went the opposite way – from its previously 9% score to today's 6 %. One of the worst on this field.

• 2013-08-05: New results have been published for:
  • AVG Internet Security 2013.0.3392
  • Norton Internet Security 2013 20.4.0.40
  • TrustPort Total Protection 2013 13.0.10.5106
  • ZoneAlarm Free Antivirus + Firewall 11.0.768.000

  After vacations we are back with new results. This time we have retested four products with minor version updates. It is not surprising that these new versions did not come with significant improvements. In fact, all the tested products reached exactly the same scores as their previously tested versions. For ZoneAlarm Free Antivirus + Firewall this means 34% score, far ahead of the three other products tested today. Norton Internet Security 2013 scored 10 %, TrustPort Total Protection 2013 scored 8 %, and AVG Internet Security 2013 as little as 3 %.

• 2013-06-17: New results have been published for:
  • Bitdefender Total Security 2013 16.30.0.1843
  • eScan Internet Security Suite 14.0.1400.1381
  • Rising Personal Firewall v16 24.00.15.64
  • Privatefirewall 7.0.29.1

  Last time we have informed you about Rising products being moved among dead products on Proactive Security Challenge 64's product list. One of our visitors, however, informed us that it was only the vendor's English presentation (website, social media) that has been without update and that their Chinese website was still active and included a new version of Rising Personal Firewall. This is why we moved Rising back among live products and tested its latest version, which is called v16. Unfortunately, its performance in Proactive Security Challenge 64 was as bad as of Rising Internet Security 2011 that was tested long time ago.

  Privatefirewall released Windows 8 compatible version and so we tested it. Its results in our challenge were without change. This means its very high standard has been kept and we will see if next versions can come with improvements on the field of proactive security too. 88 % for Privatefirewall today.

  eScan Internet Security Suite with Cloud has replaced the "without cloud" version in our challenge. Although there are some minor improvements, no significant step towards has been made here. 14% score is somehow better than most of the products achieved in our challenge, but it is still very far from being good.

  We have also retested Bitdefender Total Security. Its latest version finished just as badly as its previously tested version. 7% score for Bitdefender.

• 2013-05-24: New results have been published for:
  • G Data TotalProtection 2014 24.0.1.5
  • McAfee Total Protection 2013 12.1.323
  • Panda Global Protection 2013 6.01.01

  Only three products have been tested today. This is caused by two factors. The first is that many vendors release their new major versions every year in autumn and thus summer time lacks new releases that we could test. Another fact is that in recent months and years, many of the security products have been discontinued and only very few new products have been created. Symantec announced recently that whole PC Tools Security section has been retired. Without any announce, but quite clearly, Rising security software is probably dead since the latest versions come with 2011 mark in their name. No social media updates for more than a year just support this view. And so the list of products that are considered alive and under an active development is shorter and shorter while the list of dead products is almost twice as long now. And although we have been informed about a new product on the market called Protector Plus Internet Security, this turned out to be yet another product based on Outpost product line's engine. Outpost's engine is one of the best but this means that nothing really new has been created on the market.

  Today's results are not very interesting because all three products just confirmed their extremely poor performance and neither went even over 5% score. We have to wait a little bit more to see new versions of better products that it will be interesting to test.

• 2013-04-19: A response from SpyShelter, the vendor of SpyShelter Firewall, has been added.
• 2013-04-17: New results have been published for:
  • ArcaVir Internet Security 2013 13.4.6401.0
  • avast! Internet Security 8.0.1483
  • SpyShelter Firewall 2.2

  Three months ago we have tested SpyShelter Firewall for the first time in our challenge and its results were Very good. Not so long after our first test, SpyShelter Firewall 2.2 has been released. Today, we are pleased to say that it managed to join the club of few products that passed the 80 % score line. The new version scored 85 % and strengthen its position on the fifth place in our Proactive Security Challenge 64, just 1 % behind Kaspersky Internet Security 2013. It should be noted that this product has a good potential to be improved even further. There are still a few techniques that are easy to cover from the technological point of view, so we may see it jumping up soon. Good job!

  avast! Internet Security in its version 8 also comes with some improvements. It reached 6th level with a final score of 32 %. Although this result still can not be considered as a good one, the difference over the previously tested version is 17 %, which is significant. Definitely a better score than most of the bigger suites. We will be interested to watch the progress of avast!'s future versions.

  ArcaVir Internet Security 2013 finished with 4 % score, which is the same result as of its 2012 version.

• 2013-04-10: A response from SpyShelter, the vendor of SpyShelter Firewall, has been added.
• 2013-03-25: A response from Agnitum Ltd., the vendor of Outpost Security Suite Pro, has been added.
• 2013-03-20: New results have been published for:
  • eScan Internet Security Suite 11.0.1139.1277
  • K7 TotalSecurity 2013 13.1.0.188
  • Outpost Security Suite Pro 8.0.4164.639.1856
  • Total Defense Internet Security Suite 8.0.0.215

  Great job Outpost! Outpost Security Suite Pro 8 is again better than its previous version. With today's 90% score, Outpost Security Suite Pro have become the second product to reach the Excellent level of protection in Proactive Security Challenge 64. It is now just 2 % behind the absolute and long-term leader of our challenge – Comodo Internet Security.

  Total Defense Internet Security Suite also went up. This time from 21% score to 31 %. Although this is better than most of the tested products, it is still way to far from being considered as at least Good. There are too many holes and also bugs in this product. Quite a lot of work will be needed to make it usable and secure at least on a basic level.

  K7 TotalSecurity with its today's 9 % and eScan Internet Security Suite with 5 % belong among products that you should not rely on if a security based on behavior blocking is important for you. Just pick something else.

• 2013-02-20: New results have been published for:
  • ESET Smart Security 6.0.308.0
  • FortKnox Personal Firewall 9.0.305.0
  • Jetico Personal Firewall 2.1.0.12.2466
  • UnThreat Internet Security 2013 6.1.36.15542

  The performance of the new version of Jetico Personal Firewall was exactly the same as of its previously tested version – 59% score. No improvements on the field of proactive security in this product. The problems with the "indirect relativeness" feature are still present in Jetico Personal Firewall and so are all its weak points (e.g. no keylogger protection, poor protection against advanced malicious techniques) as well as its strong points (e.g. very good process and file protection, fair autorun protection).

  Although new ESET Smart Security 6 scored better than its version 5, the overall result was disappointment for us. We hoped ESET Smart Security could reach much more than 56 %. There are still quite many problems in its protection that could be fixed easily which would lead to significant improvement in its protection.

  FortKnox Personal Firewall scored 5 %, UnThreat Internet Security 3 %, neither of these two products offer serious host protection features.

• 2013-01-18: New results have been published for:
  • Comodo Internet Security Premium 6.0.260739.2674
  • SpyShelter Firewall 1.5
  • VIPRE Internet Security 2013 6.1.5493
  • ZoneAlarm Extreme Security 2013 11.0.000.038

  After quite a long time we have a new version of Comodo Internet Security here in Proactive Security Challenge 64. Comodo Internet Security confirmed its number one position on the field of Windows proactive security once again. Although it lost 2 % points comparing to its previously tested version, it is still the only product that reached over the 90% bar. 92% score for today for Comodo. Congratulations!

  SpyShelter Firewall is new to our challenge. Most of the tested products just failed hardly for the first time. Not SpyShelter Firewall! This was one of the greatest positive surprises we have had here in the last couple of months. SpyShelter scored 79 % and next time it may even go for an excellent score if its vendor fixes several minor weak points that we found. Good job!

  The previously tested paid ZoneAlarm Extreme Security performed slightly better than its free alternative ZoneAlarm Free Antivirus + Firewall. However, it seems that a functionality, which was responsible for protecting the browser against various malicious techniques, was removed from ZoneAlarm Extreme Security and so this time it scored just as its free cousin tested last time – 34 %.

  With its 2% result, VIPRE Internet Security went to the absolute bottom of the result table.

• 2012-12-18: New results have been published for:
  • BullGuard Internet Security 2013 13.0.254
  • Dr.Web Security Space 8.0.0.12060
  • Webroot SecureAnywhere Complete 2013 8.0.2.66
  • ZoneAlarm Free Antivirus + Firewall 11.0.000.020

  This was one of the hardest updates we had here in Proactive Security Challenge 64 so far. It was mostly because of BullGuard Internet Security 2013, which by the way scored only 3 %. Even on this level of protection we wanted to be sure the results were correct. Despite that the product was completely terrible just as this one. The problem was that BullGuard's behavior was unpredictable, hardly repeatable, pretty much random. Not only that clicking on the Block button would cause the offending action to succeed just as if you hit the Allow button, but some actions were sometimes randomly detected and sometimes not. It is not unusual that due to several factors the products are inconsistent in their behavior. But never as much as in the case of BullGuard.

  ZoneAlarm Free Antivirus + Firewall was exactly the opposite testing experience. Very clean, smooth testing without any problems that confirmed the better than average protection level of this version of ZoneAlarm. 34% score is exactly the same performance as in the case of its previously tested version.

  The new Dr.Web Security Space also performed exactly the same as its older version – 11 % and nothing to be proud of. It is really unclear how the vendors develop their products on this field. In Dr.Web, they probably consider Autorun techniques to be potentially dangerous and so they monitor malicious attempts to use them. Then the question is why just some of them. Why not all of them or at least those most used by malware and those that are most dangerous. No, they just picked out some of them.

  Webroot SecureAnywhere Complete 2013 is the only one that improved its score compared to its last time. Unfortunately, the improvements are not significant and the final results of 11 % is still not good.

• 2012-11-21: New results have been published for:
  • F-Secure Internet Security 2013 12.71.102
  • Norman Security Suite PRO 10.00
  • Norton Internet Security 2013 20.2.0.19
  • PC Tools Internet Security 2012 9.1.0.2898

  Today's results are disapointing, especially in case of Norton Internet Security and PC Tools Internet Security. These two products belong under Symantec Corporation and their results are similarly poor. Since previous versions of both products did achieve better results in the past (in former Proactive Security Challenge on 32-bit Windows XP platform PC Tools once reached almost the perfect score and Norton was once as high as on 67 %) it can be concluded that proactive security features are not of high priority for Symantec anymore. It is funny that the latest version of PC Tools Internet Security implements some kind of protection against permanent malware infection (i.e. autorun techniques) while Norton Internet Security 2013 fails this part completely. And on the other hand, Norton Internet Security offers some self-protection features that PC Tools Internet Security misses. Instead of having two products under development, it might be a good idea for Symantec to have one good product. PC Tools Internet Security finished with 6 % today and Norton Internet Security with 9 %.

  F-Secure Internet Security 2013 and Norman Security Suite PRO 10 also scored poorly with 3 % and 4 % respectively.

• 2012-10-10: New results have been published for:
  • AVG Internet Security 2013.0.2677
  • Avira Internet Security 2013 13.0.0.2693
  • McAfee Total Protection 2013 11.6.434
  • Panda Global Protection 2013 6.00.01

  This is the time of the year during which many vendors introduce new versions of their products for the upcoming year. The 2013 label is included in version names of all products tested today. More 2013 products will be tested next time.

  Avira Internet Security is the product that finished with the highest score today, but since its score is as low as 9 %, we can hardly speak about a success. Yes, a slight improvement over the previsouly tested 2012 version, but this is just not good enough. The results of other 2013 products tested today are not worth mentioning. They all provide nothing but a simple and easy to bypass functionality on the field of host protection and proactive security.

• 2012-10-04: We have revised and improved the Proactive Security Challenge 64 product list. The list newly contains information about Windows 8 support.
• 2012-09-18: A single product update:
  • Kaspersky Internet Security 2013 13.0.1.4190

  With the new 2013 version, Kaspersky Internet Security returns to the top. Kaspersky Internet Security 2013 is able to control most of the malicious techniques. The only general problem this product has is with COM/OLE based techniques. Its today's score is 86 %, a Very good level of protection, which is currently enough for the tied third place in our challenge. Congratulations!

• 2012-09-04: New results have been published for:
  • AhnLab V3 Internet Security 8.0.6.6.1197
  • ArcaVir Internet Security 2012 12.8.6401.1
  • TrustPort Total Protection 2013 13.0.3.5073
  • ZoneAlarm Extreme Security 2012 10.2.074.000

  A regular update for the latest versions of ZoneAlarm Extreme Security and TrustPort Total Protection confirmed their previous results. For ZoneAlarm Extreme Security, this means 43 % and 8th position in our challenge. For TrustPort Total Protection, it is 8 %, which means a position among other software that we can not recommend for its proactive protection.

  ArcaVir Internet Security and AhnLab V3 Internet Security were tested for the first time in our challenge but their result were not good. The score of AhnLab V3 Internet Security is 2 %, which means the worst result in Proactive Security Challenge 64 from all the tested products so far. ArcaVir Internet Security scored 4 % and finished better than AhnLab only because of its ability to protect some registry entries from being infected.

• 2012-08-07: A response from PWI, Inc., the vendor of Privatefirewall, has been added.
• 2012-08-07: New results have been published for:
  • Bitdefender Total Security 2013 16.18.0.1406
  • G Data TotalSecurity 2013 23.0.4.0
  • Privatefirewall 7.0.28.1
  • UnThreat Internet Security 2012 4.2.33.12488

  The latest version of Privatefirewall came with many great improvements that caused its score to jump up from the previous 56 % to the today's almost excellent 88 %. There are just few techniques left that can be used to bypass its protection. COM based techniques that are used in tests such as Flank, BITStest or Schedtest3 cause big troubles to Privatefirewall. Otherwise the protection of Privatefirewall is very solid. Privatefirewall takes the second place in our challenge, a great result for another product that is available free of charge!

  Bitdefender Total Security 2013 scored exactly the same as its previously tested 2012 version. This means no improvements on the field of host protection security that Proactive Security Challenge 64 focuses on. 9% score is just not good enough.

  Bitdefender has not improved, but G Data TotalSecurity in its 2013 version scored even worse than its previously tested 2012 version. A huge security suite that ended deeper in the red zone than the last time. 4 % for G Data this time.

  Unlike other three products tested today, UnThreat Internet Security is new to our challenge. However, its debut testing ended early in the first level with 3 % score, which means that we have just discovered another product that we can not recommend.

• 2012-07-13: New results have been published for:
  • avast! Internet Security 7.0.1456
  • ThreatFire 4.7.0.53
  • Outpost Security Suite Free 7.1.1.3431.520.1248
  • ZoneAlarm Free Antivirus + Firewall 10.2.064.000

  Except for avast! Internet Security, the products tested today are free of charge. Outpost Security Suite Free and ZoneAlarm Free Antivirus + Firewall are free versions of commercial products that we already tested in our challenge. ThreatFire is new to Proactive Security Challenge 64.

  Today's best score was reached by Outpost Security Suite Free. The same engine is being used in both the free and the Pro version of Outpost products. The difference between the free version and the commercial Pro version is that the free version uses slightly older version of the engine. This is why the protection of Outpost Security Suite Free is lower and so is its score – 71 %. Still a Good level of protection.

  ZoneAlarm Free Antivirus + Firewall finished with 34 %. This score is lower than the score of its paid version because some of the features of the paid version are not included in the free version – the protection against keyloggers for example.

  avast! Internet Security is the only product tested today that is not available for free. The results of its recently released major version 7 are exactly the same as those of the previously tested version 6, which means 15 %. On the field of protection features that are tested in our challenge, there are no improvements in the new version of avast!.

  ThreatFire passed few tests and finished with 5% score in the red zone among many others.

• 2012-06-18: New results have been published for:
  • ESET Smart Security 5.2.9.1
  • K7 TotalSecurity 2012 12.1.0.119

  ESET Smart Security goes up by 18 %. It is clear that the new HIPS feature in ESET Smart Security is under development and it is getting better and better with every bigger update. There still are some unsolved problems and uncovered attack methods that prevent ESET Smart Security to join the products at the top of the table in Proactive Security Challenge 64, but the progress is evident. We hope to see even more improvements in this product in the future, keep up good work!

  K7 TotalSecurity was tested for the first time in our challenge. Although the product's interface suggests its security might have a potential to pass many tests in our challenge, it was not the case. This product is somehow broken. It can be configured so that it seems that various attacking techniques should be blocked, but they are not. This problem was confirmed by two independent testers. And this is why its final result is as low as 3 %.

• 2012-05-21: New results have been published for:
  • Ad-Aware Total Security 21.1.0.30
  • eScan Internet Security Suite 11.0.1139.1150
  • Total Defense Internet Security Suite 8.0.0.87
  • VirusBuster Internet Security Suite 4.1

  VirusBuster Internet Security Suite is a product that is based on the Outpost engine. This is why it did not surprise us that it scored well and took the third position in our challenge. It is natural that products that are based on third party engines do perform a bit worse than the original products. Most common reasons are that the derived products use slightly older versions of engines or that they are not so perfectly tweaked or do not utilize all possibilities of the used engine. This is the case of VirusBuster. It finished with 71% score, which means a protection very close to what Outpost Security Suite Pro offers.

  If Total Defense Internet Security Suite sounds unknown to you, note that it used to be called CA Internet Security Suite. The Internet Security division of CA Technologies has become an independent company called Total Defense, Inc. The core of their flagship product has not changed, just its name has. In our tests Total Defense scored 21 %, which is not a good result. This product implements many security features, but most of them are half-baked. This means some methods of infecting the system are secured, some are not; the self-defense is effective against several techniques but some can break it; the user's data can not be stolen from the protected machine using basic methods, but when more advanced techniques are used, it is no problem. Some of the features of Total Defense are implemented using insecure user mode hooks.

  eScan Internet Security Suite offers just a very basic set of features. Nothing much to talk about. 5 % for eScan for today.

  Ad-Aware Total Security is another product tested today that is based on a third party engine. In this case, it is the engine of G Data. And this is probably the main reason why Ad-Aware Total Security finished among the worst products in Proactive Security Challenge 64 with the score as low as 3 %.

• 2012-04-16: New results have been published for:
  • BullGuard Internet Security 12.0.218
  • FortKnox Personal Firewall 8.0.205.0
  • Kaspersky Internet Security 2012 12.0.0.374
  • Webroot SecureAnywhere Complete 2012 8.0.1.165

  The very same version of Kaspersky Internet Security 2012 was tested almost a year ago (on 20th June 2011) in former Proactive Security Challenge (tests were performed on 32-bit Windows XP platform) and its results were excellent, over 90 %. On 64-bit Windows 7 platform that is used for Proactive Security Challenge 64, the results of Kaspersky Internet Security 2012 are much worse – exactly 28 %. This difference is significant but it confirms the trend we have experienced since upgrading to 64-bit Windows 7 platform. The security software vendors do have serious troubles implementing same level of security here. However, the case of Kaspesrky Internet Security is little more complex. As we can see no major update has been done for almost a year to Kaspersky Internet Security 2012, but its vendor has been working on a new version called Kaspersky Internet Security 2013 and have already asked us to privately test it under Proactive Security Challenge 64's methodology. Since Kaspersky Internet Security 2013 is still in the beta stage, the rules of our project do not allow its results to be published, but we can confirm that the results of privately tested Kaspersky Internet Security 2013 Beta were close to the results of the 2012 version on 32-bit Windows XP platform. The fans of Kaspersky Internet Security should not be worried too much since the upcoming version 2013 is expected to rescue the currently lost positions again.

  Another drop in score is the case of Webroot. Today's score of Webroot SecureAnywhere Complete is as low as 6 %, which is a position deeply in the red zone. Webroot products used to work on Privatefirewall engine, but it seems that this cooperation has been ended. The architecture of Webroot products have been changed. They are now based on a thin client and the whole protection has been moved to the cloud. The client implements only very basic self-defense features and does not otherwise protect the host computer. This means that Webroot relies heavily on its antivirus detection and any new and undetected malware can have it as an easy target.

  FortKnox Personal Firewall with 5 % and BullGuard Internet Security with 3 % confirm their long term position among the worst in our challenge. Hence their results are not surprising.

• 2012-03-27: A response from Agnitum Ltd., the vendor of Outpost Security Suite Pro, has been added.
• 2012-03-20: New results have been published for:
  • Dr.Web Security Space 7.0.0.10140
  • Outpost Security Suite Pro 7.5.2.3939.602.1809
  • TrustPort Total Protection 2012 12.0.0.4860
  • ZoneAlarm Extreme Security 2012 10.1.079.000

  Finally! We found another product that succeeded in Proactive Security Challenge 64. It is the new Outpost Security Suite Pro. Its performance in the tests was great. It had some problems with more advanced techniques, especially those based on COM technology, but otherwise this product just rocked. Its 86% score is really a Very good result. Consider that from twenty products tested so far only two of them reached more than 60 %. Congratulations!

  Quite a pleasant surprise is the performance of ZoneAlarm Extreme Security 2012. Although its overall score is "only" 43 % (this is still and will be better than most), it offers a good self-defense, very good anti-keylogging features, and a solid autorun protection – i.e. it can prevent a permanent computer infection. It fails against more advanced attacking techniques, however, and so there is still quite a lot of space for improvements.

  Dr.Web Security Space scored 11 % this time. This product does not prevent trusted processes from being misused by malware and its autorun protection is incomplete. On the other hand, its self-defense capabilities seem promising and the most basic features work well.

  The result of TrustPort Total Protection 2012 is not surprising. Although its today's result is better than results of its previous versions tested in former Proactive Security Challenge, it is still deep in the red zone. TrustPort offers only a very basic protection and so it is 8 % for TrustPort for today.

• 2012-02-17: New results have been published for:
  • Bitdefender Total Security 2012 15.0.36.1530
  • Norman Security Suite PRO 9.00
  • Norton Internet Security 2012 19.5.0.145
  • Rising Internet Security 2011 23.00.55.71

  There is nothing much to comment about today's results. They were just worse than expected. Bitdefender Total Security was expected to reach the highest levels but failed to do so. The excellent score that its previously tested 2011 version reached in the former Proactive Security Challenge, which tested products on the 32-bit Windows XP platform, is gone. On the 64-bit Windows 7, the performance of Bitdefender Total Security 2012 version is incomparable – 9 %. Similarly, the final score of 10 % for Norton Internet Security is a bit of a disappointment. Norman Security Suite PRO also finished on the second level and it scored 6 % – only basic level of protection.

  The worst results have been measured for Rising Internet Security, its 3% score is just another unpleasant surprise considering its much better results on the 32-bit platform.

• 2012-01-16: Responses from Comodo Security Solutions, Inc., the vendor of Comodo Internet Security Premium, and PWI, Inc., the vendor of Privatefirewall, have been added.
• 2012-01-13: New results have been published for:
  • Comodo Internet Security Premium 5.9.219863.2196
  • F-Secure Internet Security 2012 12.44.110
  • G Data TotalSecurity 2012 22.1.0.0
  • Privatefirewall 7.0.25.5

  Comodo Internet Security did it again! There were few tests that it failed this time and it is probably just a matter of time for this product to reach the perfect score in our challenge again. Comodo Internet Security outclassed all products that have been tested in Proactive Security Challenge 64 so far. With 94% score its position on the top of the table is stronger than ever before. Congratulations!

  Privatefirewall looked very promising on lower levels, but harder tests on higher levels did not allow this popular free product to get to the top. 56% score currently means 3rd place in Proactive Security Challenge 64. Privatefirewall's core is solid, its self-protection is almost perfect and the autorun protection control is very good. Having long term experience with this product, we expect that Privatefirewall will be improved in the future and will strengthen its position on the top of the result table.

  F-Secure Internet Security 2012 and G Data TotalSecurity 2012 did not surprise us. Although G Data TotalSecurity performed little better than F-Secure Internet Security, its final score is as low as 5 %. The implementation of many of its features is incomplete – for example the autorun control or the self-defense features. F-Secure Internet Security then passed even less tests and finished with 3% score.

• 2011-12-21: New results have been published for:
  • AVG Internet Security 2012.0.1890
  • avast! Internet Security 6.0.1367
  • Avira Internet Security 2012 12.0.0.832
  • PC Tools Internet Security 2012 9.0.0.898

  This time we wanted to give you a product that scores better than others, possibly attacks the 80% bar. This is why we included PC Tools Internet Security in this update. It was a big and unpleasant surprise that its performance in Proactive Security Challenge 64 was extremely poor. If you remember its excellent results from Proactive Security Challenge, you must be surprised too. On 64-bit Windows 7 SP1 platform, the tested version of PC Tools Internet Security 2012 succeeded against just a few tests and its final score is as low as 6 %. We hope that the related issues in its protection will be solved quickly and that PC Tools Internet Security will strike back among the top products soon.

  Since PC Tools Internet Security performed poorly, it was avast! Internet Security that finished with the best score among the products tested this time. Yet still its performance is not good enough. It offers only a basic protection against some of the attacking techniques leaving malware plenty of ways to bypass its protection. Its final score is 15 %, still deep in the red zone.

  AVG Internet Security and Avira Internet Security remain consistent in their poor results. Nothing new on this field – 3% score for AVG, 4% for Avira. Both products pass only the most trivial tests.

• 2011-12-01: New results have been published for:
  • ESET Smart Security 5.0.94.0
  • Jetico Personal Firewall 2.1.0.10.2451
  • McAfee Total Protection 2012 11.0.623
  • Panda Global Protection 2012 5.01.00

  Jetico Personal Firewall has a solid protection base. It is strong against process related attacks and also against techniques manipulating files. Its coverage of autorun locations is also very good. Jetico Personal Firewall is not able to prevent spying techniques such as keylogging and it also loses facing more advanced attacking techniques. Its indirect relativeness feature could also create more problems than benefits. Still, its final 59% score is and will be much better than the average.

  ESET Smart Security 5 is the first serious attempt of ESET to implement HIPS features into their security suite. There are many good things implemented in ESET Smart Security, especially its coverage of autorun locations is very solid, but it will take a long time for this product to make it on the top – at least on the field of host protection features. ESET Smart Security covers basic techniques well but loses against more advanced attacks. Final score 33 %.

  Both McAfee Total Protection and Panda Global Protection scored as little as 3 % this time. The protection features are half-baked. For example McAfee Total Protection's self-protection covers only some of the components of this products; and some features of Panda Global Protection seems to rely on unsafe user mode hooks. Both solutions pass only the most simple tests.

• 2011-12-01: Proactive Security Challenge 64 has been started. It replaces Proactive Security Challenge.

valid HTML 4.01 · valid CSS 2 · optimized for you · design by martina · powered by jan · generated on June 30, 2017