Poll
Should software vendors reward independent researchers for finding vulnerabilities in their software?
Proactive Security Challenge
- Introduction
- Results and comments
- Testing levels
- List of products
- Archive of results
- My leaks
- Frequently asked questions
Testing levels
Contents:
Level 9
The product has to score at least 50% in the tests on this level to pass it.
Tests
Crash7
Test type: Self-defense test
Scoring: At least one of the target processes or threads was crashed – 0%; Success – 100%.
Description: Crash7 checks whether malicious software can crash the tested product by allocating all the available memory in the system.
Driver Verifier
Test type: Other
Scoring: System crash – 0%; System unusable – 50%; Success – 100%.
Description: Driver Verifier
is not a part of SSTS, it is Microsoft's tool used for drivers' verifications. With this tool we can check whether the tested product's drivers do not suffer from common problems that appear in kernel drivers. This tool should be used by the developers of Windows drivers to ensure the basic stability of their drivers. The tests are done with all options enabled.
FileAcc1
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited to do its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileAcc1 checks whether the tested product protects its files and directories against malicious manipulation of their security descriptors.
FileCtl1
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited to do its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileCtl1 checks whether the tested product protects its files against malicious erasing using the file system's special service control.
FileWri4
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited to do its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileWri4 checks whether the tested product protects its files against malicious corruption of their data using a direct disk access.
Result table
In the following table 
represents the 100% result and 
represents the 0% result. Other values are displayed as rounded whole numbers. The last two columns summarize the product's
score on this level and whether it passed this level or not.
| Product | I. FileAcc1 | – – | Score | Result | ||||
|---|---|---|---|---|---|---|---|---|
| II. Driver Verifier | II. FileWri4 | |||||||
| III. Crash7 | III. FileCtl1 | |||||||
| III. | II. | I. | III. | II. | - | |||
| Comodo IS | 100 | 100 | N/A | N/A | N/A | – | 100% | PASSED |
| Jetico v2 | 0 | 100 | N/A | N/A | N/A | – | 50% | PASSED |
| KIS | 0 | 100 | N/A | N/A | N/A | – | 50% | PASSED |
| Malware Defender | 0 | 100 | N/A | N/A | N/A | – | 50% | PASSED |
| Netchina | 0 | 0 | N/A | N/A | N/A | – | 0% | FAILED |
| OA Free | 0 | 100 | N/A | N/A | N/A | – | 50% | PASSED |
| OA Premium | 100 | 0 | N/A | N/A | N/A | – | 50% | PASSED |
| Outpost Free | 0 | 100 | N/A | N/A | N/A | – | 50% | PASSED |
| Outpost Suite | 0 | 0 | N/A | N/A | N/A | – | 0% | FAILED |
| PC Tools | 100 | 100 | N/A | N/A | N/A | – | 100% | PASSED |
| Privatefirewall | 0 | 100 | N/A | N/A | N/A | – | 50% | PASSED |
| ZoneAlarm Pro | 0 | 0 | N/A | N/A | N/A | – | 0% | FAILED |
Levels
- Level 1 – Autorun1, Autorun3, Breakout2, Coat, ECHOtest, FileDel2, Kill1, Kill2, Leaktest, Tooleaky, Wallbreaker1, Yalta
- Level 2 – Autorun12, Autorun2, Autorun20, Autorun30, AWFT1, DNStest, FileMov2, Ghost, HostsBlock, Jumper, Kill3, Kill3b, Kill6, RegDel1, Wallbreaker3, Wallbreaker4
- Level 3 – Autorun16, Autorun24, Autorun31, Autorun4, AWFT3, AWFT4, DNStester, FileRep1, Kernel1, Kill3f, Kill4, Kill7, RegSet1, SSS2, Suspend1, Thermite, Wallbreaker2
- Level 4 – Autorun14, Autorun17, Autorun26, Autorun36, Autorun37, Autorun6, Autorun9, CopyCat, CPIL, CPILSuite1, FileRep2, Inject2, Inject3, Kernel1b, Keylog1, Kill3e, Kill8, Kill9, SSS, Suspend2
- Level 5 – Autorun15, Autorun18, Autorun21, Autorun28, Autorun5, Breakout1, CPILSuite2, Crash1, Crash2, Crash3, Crash4, FileWri1, Kernel2, Kernel3, Keylog2, Kill3c, Kill3d, RegDel2, Svckill, VBStest
- Level 6 – Autorun22, Autorun25, Autorun27, Autorun29, Autorun32, Autorun7, CPILSuite3, Crash5, Crash6, DDEtest, ECHOtest2, FileWri2, FireHole, Flank, Kernel4, Keylog3, Keylog4, Kill10, Kill11, Runner
- Level 7 – Autorun10, Autorun19, Autorun33, Autorun35, Autorun8, BITStest, Crash4b, FileDel1, FileMov1, FileWri3, FireHole2, Inject1, Keylog5, Keylog6, Kill12, OSfwbypass, RegAcc1, Runner2, Schedtest, SSS3
- Level 8 – Autorun11, Autorun13, Autorun23, Autorun34, FileDel3, FileOpn1, FileOpn2, Kernel4b, Kernel5, Kernel5b, Keylog7, Kill5, NewClass, Schedtest2, SockSnif, SSS4
- Level 9 – Crash7, Driver Verifier, FileAcc1, FileCtl1, FileWri4
- Level 10 – BSODhook, ShadowHook