Antivirus and Security White Papers


ESET Conference Papers Download
"Testing, testing: Anti-Malware Evaluation for the Enterprise" by David Harley and Andrew Lee
Looks at appropriate and inappropriate ways of testing anti-malware products. (AVAR Conference 2007)
"Phish Phodder: Is User Education Helping or Hindering" by David Harley and Andrew Lee
Evaluates research on susceptibility to phishing attacks, and looks at web-based educational resources such as phishing quizzes. Do phished institutions and security vendors promote a culture of dependence that discourages computer users from helping themselves? First published in 2007 Virus Bulletin Conference Proceedings.*
"From Fun to Profit" by Andrew Lee and Pierre-Marc Bureau
Presents an overview of the evolution of malicious software, focusing on the objectives of this type of program to provide evidence for their predictions as to how it will evolve in the years to come. (Infosec Paris 2007)
"Microsoft anti-virus — extortion, expedience or the extinction of the AV industry?" by Randy Abrams
Looks at the changes in the corporate culture at Microsoft and the company's re-entry into the anti-malware market. Will it reduce diversity of choice, and will it leave users in any better shape than MSAV did in the 1990s? First published in Virus Bulletin Conference 2006 proceedings.*
Reprints of Articles by ESET Researchers Download
"Yet Another Rustock Analysis..." by Lukasz Kwiatek and Stanislaw Litawa
A detailed analysis of the Rustock.C rootkit and some of its self-defensive measures. Originally published in Virus Bulletin, August 2008.*
"Fixing the virus problem?" by Andrew Lee
Takes a realistic look at how far Vista can be expected to mitigate the user's exposure to malicious code. Originally published in Virus Bulletin, July 2006.*
"Phish Fingering" by David Harley
Review of "Phishing Exposed", Lance James's book for Syngress.
Originally published in Virus Bulletin, July 2006.*
"War of the Words" and "I spy" by David Harley
Reviews of Robert Slade's "Dictionary of Information Security" and "Combating Spyware in the Enterprise", by Baskin et al., both published by Syngress. Originally published in Virus Bulletin, September 2006.*
ESET White Papers Download
"Common Hoaxes and Chain Letters" by David Harley
An ongoing series of papers that describe some of the commonly-found lies and half-truths that continue to circulate on the Internet, and discuss some ways of identifying them.
"Net of the Living Dead: Bots, Botnets and Zombies" by David Harley and Andrew Lee
Describes the botnet phenomenon in detail: its origins and history, current trends, and what you need to do about it.
"The Spam-ish Inquisition" by David Harley and Andrew Lee
A detailed overview of spam, scams and related nuisances, and some of the ways of dealing with them.
"ESET Smart Security" by ESET Research Department
A detailed overview of ESET's flagship security package by the team that brings you the ESET series of product-independent threat analyses.
"A Pretty Kettle of Phish" by David Harley and Andrew Lee
Understand and avoid the attentions of phishers and other Internet scammers.
"ESET Heuristic Analysis Report - March 2007" by David Harley & Andrew Lee
A detailed analysis of the differences between traditional threat-specific detection and proactive detection by generic detection and behavior analysis.
"The root of all evil? - Rootkits revealed" by David Harley and Andrew Lee
This paper describes and de-mythologizes the rootkit problem, a serious but manageable threat.
Other White Papers Download
"Beyond Signature-Based Antivirus: New Threat Vectors Drive Need for Proactive Antimalware Protection," adapted from Worldwide Antivirus 2006-2010 Forecast Update and 2005 Vendor Analysis by Brian E. Burke, IDC #204715
"Malware Detection Techniques" Frost & Sullivan
Independent Tests Download
Virus Bulletin June - October 2008 Comparative Tests
ESET Smart Security Business Edition Comparative Testing
(West Coast Labs; September 2008)
Retrospective/Proactive Test by AV-Comparatives (May 2008)
"Anti-Virus Comparative Summary Report 2007" by Andreas Clementi (AV-Comparatives.org)
Windows XP Product Comparative Tests (Virus Bulletin June 2006)
Virus Bulletin 2005-2006 Comparative Tests
Virus Bulletin 2004-2005 Comparative Tests
Anti-Spyware Solutions Technology Report (West Coast Labs)
Anti-Malware Testing and Evaluation Download
How do you tell good tests from not-so-good tests? ESET is very actively represented in the Anti-Malware Testing Standards Organization (AMTSO) which is dedicated to raising the standard of anti-malware testing across the board. One of the ways in which this is being done is by making available documentation that will help aspiring testers and their audiences to understand detection testing issues better. The following articles have been prepared in English here.
The Fundamental Principles of Testing (Spanish)
Best Practices for Dynamic Testing (Spanish)
Other Resources
AVIEWS
AVIEWS (Anti-Virus Information and Early Warning System) brings together Anti-Virus software vendors, corporate security professionals and independent researchers in a discussion and information sharing network of anti-malware professionals, providing early identification and warning of new malware.
AVAR
The Association of Anti-Virus Asia Researchers.
APWG
The Anti-Phishing Working Group (APWG) is the global pan-industrial and law enforcement association focused on eliminating the fraud and identity theft that result from phishing, pharming and email spoofing of all types.
Team Anti-Virus
Team Anti-Virus is a network of anti-malware professionals with an interest in providing education and information on anti-malware issues.
AVIEN
AVIEN (Anti-Virus Information Exchange Network) is the largest grassroots discussion network of independent anti-virus researchers in the world.
The Anti-Spyware Coalition
The ASC is a group dedicated to building a consensus about definitions and best practices in the debate surrounding spyware and other potentially unwanted technologies. Composed of anti-spyware software companies, academics, and consumer groups, the ASC seeks to bring together a diverse array of perspectives on the problem of controlling spyware and other potentially unwanted technologies. ESET is actively participating in these important discussions.
Microsoft Virus Information Alliance (VIA)
ESET has joined forces with Microsoft and other anti-virus vendors to provide detailed information on significant viruses that affect Microsoft products. Microsoft's PSS Security Team will post updated information on this website regarding new and potentially damaging viruses that have been discovered in the wild.
Cisco® Network Admission Control (NAC)
Cisco Network Admission Control (NAC) leverages the network infrastructure to limit damage from viruses and worms. Using Cisco NAC, organizations can provide network access to endpoint devices, such as PCs, PDAs, and servers that fully comply with established security policy. Cisco NAC allows noncompliant devices to be denied access, placed in a quarantined area, or given restricted access to computing resources.

NOTE: The most recent figures from AV-Test are available on the Virus Bulletin web site.

A summary of past test results for all AV vendors can be found here; this requires (free) registration with the site. Full details of individual tests, as reported in Virus Bulletin magazine, are available only to subscribers.

Past AV-Comparatives test reports are archived at av-comparatives.org, along with information on report updates, testing methodology and FAQs.

* Copyright is held by Virus Bulletin Ltd, but the paper is made available on this site for personal use free of charge, by permission of Virus Bulletin.