AVLab.pl - Learn more about Remediation Time – response time to security incidents (t
#1
Bug 
Quote:
[Image: AVLab-logo-2022.svg]


We already have the results for January 2023 published. By the way - thank You for voting us in AV-Comparatives Survey! We took place 3rd! Amazing [img]data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7[/img]

Remediation Time in test

Starting from this edition, in order to stand out more from other testing laboratories as precursors in the security industry, we introduce a new comparative feature – the so-called “response time to a threat and resolve security incident” – Remediation Time. We will measure it for each tested product for home and business to further highlight the differences between protection software when confronted with threats in the wild (coming from the Internet).

In other words: in the Sysmon logs we have the UTC time logged for:

1. Downloading malware via Firefox.
2. If the product doesn't stop it at an early stage, a run occurs. If a threat detection by any technology has occurred, we have such a time logged, e.g. as "moved to quarantine", or "blocked on firewall" or different method.

From point 1 to point 2 this is known as a Remediation Time.

Remediation Time Average reports on the Recent Results webpage. From the next edition onwards, each product will have its own website with more detailed technical information and awards won. Give us some more time, please [img]data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7[/img]

Threat Landscape in January 2023

We have prepared the following summary based on the logs collected from the Sysmon tool in Windows 10 and database with collected information from the test:
  • 11 security solutions took part in the test.
  • Ultimately, we used 447 unique URLs with malware.
  • Exactly 381 malware samples were hosted with HTTP.
  • Websites encrypted with HTTPS (in theory – safe) contained 66 malware samples.
  • During the analysis, each malware samples took on average 28 potentially harmful actions in Windows 10.
  • Most malware originated from servers located in the Netherlands, Russia and USA.
  • .com, .org, .za domains were mostly used to host malware.
  • The average detection of URLs or malicious files at the PRE-Launch level was 58%.
  • At the POST-Launch level, file detection was on average 38%.
Full publication is published on website: Learn More About Remediation Time – Response Time To Security Incidents. The Results From Protection Test In January 2023 » AVLab Cybersecurity Foundation
Full Report
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>