Poll
Should software vendors reward independent researchers for finding vulnerabilities in their software?
Proactive Security Challenge
- Introduction
- Results and comments
- Testing levels
- List of products
- Archive of results
- My leaks
- Frequently asked questions
Testing levels
Contents:
Level 1
The product has to score at least 50% in the tests on this level to pass it.
Tests
Autorun1
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun1 checks whether a malicious software can ensure its code to be persistent in the system by installing itself into the system registry so that Windows Explorer runs the malware every time the user logs in.
Autorun3
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun3 checks whether a malicious software can ensure its code to be persistent in the system by installing itself into the system registry so that Windows Explorer runs the malware every time the current user logs in.
Breakout2
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Breakout2 checks whether it is possible to bypass the tested product using Active Desktop COM interface.
Coat
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Coat checks whether the tested product identifies the trusted processes properly.
ECHOtest
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: ECHOtest finds out whether the tested product filters ICMP traffic.
FileDel2
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited to do its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileDel2 checks whether the tested product protects its files and directories against malicious deletion using a special system call.
Kill1
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill1 tests whether the tested product protects its processes
against termination. If it fails this test, it is likely that it does not implement self-defense mechanisms at all.
Kill2
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill2 tests whether the tested product protects threads of its
processes against termination.
Leaktest
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Leaktest finds out whether the tested product filters outbound TCP traffic.
Tooleaky
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Tooleaky checks whether the tested product controls Internet Explorer launching.
Wallbreaker1
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Wallbreaker1 checks whether the tested product controls Windows Explorer launching.
Yalta
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Yalta checks whether the tested product filters outbound UDP traffic.
Result table
In the following table 
represents the 100% result and 
represents the 0% result. Other values are displayed as rounded whole numbers. The last two columns summarize the product's
score on this level and whether it passed this level or not.
| Product | I. Breakout2 | I. FileDel2 | I. Leaktest | I. Yalta | Score | Result | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| II. Autorun3 | II. ECHOtest | II. Kill2 | II. Wallbreaker1 | |||||||||||
| III. Autorun1 | III. Coat | III. Kill1 | III. Tooleaky | |||||||||||
| III. | II. | I. | III. | II. | I. | III. | II. | I. | III. | II. | I. | |||
| avast! IS | 0 | 0 | 0 | 100 | 0 | 100 | 100 | 100 | 100 | 0 | 0 | 0 | 42% | FAILED |
| AVG | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 0 | 0 | 0 | 22% | FAILED |
| Avira | N/A | N/A | 0 | 100 | 100 | N/A | 100 | 50 | 100 | 0 | 0 | 100 | 61% | PASSED |
| BitDefender | N/A | N/A | 0 | 100 | 0 | N/A | 100 | 100 | 100 | 100 | 0 | 100 | 67% | PASSED |
| CA ISS | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 100 | 100 | 0 | 44% | FAILED |
| Comodo IS | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| eConceal Pro | N/A | N/A | 0 | 0 | 0 | N/A | 0 | 0 | 100 | 100 | 0 | 100 | 33% | FAILED |
| ESET | N/A | N/A | 0 | 100 | 100 | N/A | 0 | 0 | 100 | 0 | 0 | 0 | 33% | FAILED |
| FortiClient | N/A | N/A | 0 | 0 | 100 | N/A | 0 | 0 | 100 | 0 | 0 | 100 | 33% | FAILED |
| F-Secure | N/A | N/A | 0 | 100 | 100 | N/A | 100 | 100 | 100 | 0 | 0 | 0 | 56% | PASSED |
| G DATA IS | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 0 | 0 | 100 | 33% | FAILED |
| Jetico v2 | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Kingsoft | N/A | N/A | 0 | 0 | 0 | N/A | 100 | 100 | 100 | 0 | 0 | 100 | 44% | FAILED |
| KIS | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Lavasoft | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Malware Defender | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Mamutu | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 0 | 0 | 0 | 22% | FAILED |
| McAfee IS | 0 | 0 | 0 | 100 | 0 | 100 | 0 | 0 | 100 | 0 | 0 | 100 | 33% | FAILED |
| Netchina | N/A | N/A | 0 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 89% | PASSED |
| Norman | N/A | N/A | 0 | 0 | 0 | N/A | 0 | 0 | 100 | 0 | 0 | 100 | 22% | FAILED |
| Norton IS | 0 | 0 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 75% | PASSED |
| OA Free | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| OA Premium | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| OneCare | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 0 | 0 | 100 | 33% | FAILED |
| Outpost Free | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Outpost Suite | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Panda | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 0 | 0 | 100 | 33% | FAILED |
| PC Tools | N/A | N/A | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Privatefirewall | 0 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 83% | PASSED |
| Rising | N/A | N/A | 0 | 100 | 100 | N/A | 0 | 0 | 100 | 0 | 0 | 100 | 44% | FAILED |
| Sunbelt | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 100 | 100 | 0 | 44% | FAILED |
| ThreatFire | N/A | N/A | 0 | 100 | 0 | N/A | 100 | 0 | 100 | 100 | 0 | 0 | 44% | FAILED |
| TrendMicro | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 100 | 100 | 100 | 56% | PASSED |
| TrustPort | N/A | N/A | 0 | 100 | 0 | N/A | 0 | 0 | 100 | 0 | 0 | 100 | 33% | FAILED |
| Webroot | N/A | N/A | 100 | 100 | 0 | N/A | 100 | 100 | 100 | 100 | 100 | 100 | 89% | PASSED |
| ZoneAlarm ES | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 0 | 0 | 100 | 75% | PASSED |
| ZoneAlarm Free | N/A | N/A | 0 | 100 | 100 | N/A | 100 | 100 | 100 | 0 | 0 | 100 | 67% | PASSED |
Levels
- Level 1 – Autorun1, Autorun3, Breakout2, Coat, ECHOtest, FileDel2, Kill1, Kill2, Leaktest, Tooleaky, Wallbreaker1, Yalta
- Level 2 – Autorun12, Autorun2, Autorun20, Autorun30, AWFT1, DNStest, FileMov2, Ghost, HostsBlock, Jumper, Kill3, Kill3b, Kill6, RegDel1, Wallbreaker3, Wallbreaker4
- Level 3 – Autorun16, Autorun24, Autorun31, Autorun4, AWFT3, AWFT4, DNStester, FileRep1, Kernel1, Kill3f, Kill4, Kill7, RegSet1, SSS2, Suspend1, Thermite, Wallbreaker2
- Level 4 – Autorun14, Autorun17, Autorun26, Autorun36, Autorun37, Autorun6, Autorun9, CopyCat, CPIL, CPILSuite1, FileRep2, Inject2, Inject3, Kernel1b, Keylog1, Kill3e, Kill8, Kill9, SSS, Suspend2
- Level 5 – Autorun15, Autorun18, Autorun21, Autorun28, Autorun5, Breakout1, CPILSuite2, Crash1, Crash2, Crash3, Crash4, FileWri1, Kernel2, Kernel3, Keylog2, Kill3c, Kill3d, RegDel2, Svckill, VBStest
- Level 6 – Autorun22, Autorun25, Autorun27, Autorun29, Autorun32, Autorun7, CPILSuite3, Crash5, Crash6, DDEtest, ECHOtest2, FileWri2, FireHole, Flank, Kernel4, Keylog3, Keylog4, Kill10, Kill11, Runner
- Level 7 – Autorun10, Autorun19, Autorun33, Autorun35, Autorun8, BITStest, Crash4b, FileDel1, FileMov1, FileWri3, FireHole2, Inject1, Keylog5, Keylog6, Kill12, OSfwbypass, RegAcc1, Runner2, Schedtest, SSS3
- Level 8 – Autorun11, Autorun13, Autorun23, Autorun34, FileDel3, FileOpn1, FileOpn2, Kernel4b, Kernel5, Kernel5b, Keylog7, Kill5, NewClass, Schedtest2, SockSnif, SSS4
- Level 9 – Crash7, Driver Verifier, FileAcc1, FileCtl1, FileWri4
- Level 10 – BSODhook, ShadowHook