To me, it comes down to understanding the testing methodology. Comodo is known (to the few who get it) for its firewall tech. IMO, they are not known for detection. Zero day detection of new malware is an elusive thing. Because of this, one shouldn’t be overconfident in a product’s detection rate for known malware. Comodo is default deny and it’s a great firewall. But it seems most of the anti-malware world is chasing the wind (identifying ALL malware) and focused firmly on that. However, they don’t typically admit their product’s weakness against zero-day malware.
I am not Cruelsister but you can tell what is happening by checking Page 13 of this PDF document. It says CIS: “Detected - 99”, “Blocked - 94”, “Neutralised - 5”, “Compromised - 1”.
CIS did not achieve max score because it allowed one threat to infect the system. In the January/March result it was worse, it allowed 3 infections. Other users reported about this issue: https://forums.comodo.com/news-announcements-feedback-cis/what-is-happening-with-comodo-se-labs-results-t125820.0.html
Either a case of ‘Whitelisted malware’ or default CIS ‘Internet Security’ configuration being too permissive for its own good (disabled HIPS, Firewall allowing all outbound by default, no Access restrictions level set up for default Containment, etc).
So, on default settings Windows Defender becomes better?
You could say yes, however CIS on ‘Proactive Security’ mode, Firewall set to Auto-Block outbound, Containment on Run Virtually > Set restriction level to: Restricted or Untrusted, HIPS enabled (you can select it to auto-block requests if you don’t like alerts) is stronger than Windows Defender and any other competitor solution. You can check and use Cruelsister’s suggested settings for CIS/CFW as you probably already know.
I know that but that config should be default… the majority of users will have default settings and will CIS sux?
It has long been requested that the Default settings be greatly strengthened for that reason. It’s the ‘dumbing down’ of software to make it easier, which tends to come back to haunt it in the long run.
Make Proactive the default on install and emphasize that in the Help files and then allow users to modify as they wish . . . . Just have to wait and see if something similar is implemented in the next release
Looking forward to seeing what changes come with the next release but I do agree, the default allows too much. That and you have to manually set up IPv6 firewall rules as by default CIS still doesn’t filter that traffic. Would love to see the Cruelsister default block approach and then just interactive help when something is blocked.
Brings back memories of when CF used to scan your whole system for known files after installation which I think you had to do manually at the time but alleviated any issues with programs you already had installed.
Victor- Regarding this test, obviously we would need the malware used to determine exactly what faults were found. However, if we just concentrate on the most important thing- that of running a malicious file that would result in a compromised system- then at the default CIS settings I can easily see how that can occur.
1). I’ve posted elsewhere that a growing trend in malware writing has been the use of what is termed LoLbins. CIS (and for that matter CF) are prone to this attack with CONTAINMENT AT THE DEFAULT LEVEL. A current example would be malware that utilizes Windows Management Instrumentation. As WMIC is a command line process, a number of nasty and horrible things can be done that will result in system changes (like setting up a System Reserved space). However just upping the Containment level to Limited or above would prevent anything untoward from occurring (not-so-fun fact- even Paranoid mode allows this).
2). It must be assumed that in the SE Labs test none of the malware were freshly coded to make them true Zero-Day malware. We can assume this just by the results of the other products tested that rely primarily (if not exclusively) on signature based detection. This is really important to note as some that scored highly would not look as good if they never ever saw the malware before (as an example, I did a video on Cylance a while back demonstrating what a trivial matter it was to breach the supposed unbreachable).
The point here is that when I test Comodo I either newly code malware or at the very least shut off VirusScope and Cloud if I am too lazy to code fresh. And with this hobbling of the overall protection the is excellent with the exception of the point made above.
To conclude:
1). SE Labs has a point.
2). Use my settings and worry not.
As always, you’re great!!!
I love you girl…
I have your settings on any CIS installation I make, but I would like to see at least the security level for unknown files you show as the default on CIS installations… please, somebody with easy access to Comodo devs, employees, etc., show them this and the related topics where everybody asks for these settings to be default… they should consider it and go to a point where they find some settings to be made or changes to be made so we all can have the great CIS containing everything unknown and blocking any piece of suspicious files with its default settings… that would be great for all!!! Let’s hope they consider some changes to the default behavior…
Malware Prevention test (at minute 10:30) & Ransomware Prevention test, in both CIS protected 100%.
The reason for the ‘Failed’ result is because of Fusion.dll being included on CIS Online Installer, which is detected as a PUP/PUA by second opinion scanners, as well as Comodo AV Detection Ratio performing below average on File Detection tests.
In fact, increasing the detection percentage would not be bad … at least approaching the average of the competition. Then work better on bugs and release times for new versions.
In my opinion it should also focus on this COMODO.
comodo internet security protect PCs…
curiosity:
- malware inactive, do not infect system;
- traces malwares, not represents threat;
- since 2006 comodo protected my browser web.
sorry my english.
Thanks!
8th edition of security tests of the “Advanced In The Wild Malware Test”
Solutions with the most effective protection in July 2020 (alphabetically and by result):
Avast Free Antivirus (blocked 1456/1456)
Bitdefender Total Security (blocked 1456/1456)
Comodo Advanced Endpoint Protection (blocked 1456/1456)
Comodo Internet Security (blocked 1456/1456)
Emsisoft Business Security (blocked 1456/1456)
G Data Total Security (blocked 1456/1456)
Kaspersky Total Security (blocked 1456/1456)
SecureAPlus Pro (blocked 1456/1456)
Avira Antivirus Pro (blocked 1455/1456)
Webroot Antivirus (blocked 1455/1456)
Detailed results are available at AVLab Cybersecurity Foundation
Level 1 very low Level 3 very high.
A clear distinction in the competition that still passed the test very well.
In my humble opinion, it demonstrates here that Comodo primarily relies on containment where a lot of malware is also running that others detect in level 1. However, the protection objective is achieved.
It is the ninth edition of the competition for the best antivirus software
Solutions with the most effective protection in September 2020 (alphabetically and by the best result):
Avast Free Antivirus (blocked 1187/1187)
Bitdefender Total Security (blocked 1187/1187)
Comodo Advanced Endpoint Protection (blocked 1187/1187)
Comodo Internet Security (blocked 1187/1187)
ESET Smart Security Premium (blocked 1187/1187)
G DATA Total Security (blocked 1187/1187)
Kaspersky Total Security (blocked 1187/1187)
mks_vir Internet Security (blocked 1187/1187)
SecureAPlus Pro (blocked 1187/1187)
Webroot Antivirus (blocked 1187/1187)
Windows Defender (blocked 1187/1187)
Avira Antivirus Pro (blocked 1186/1187)
Detailed results are available at AVLab Cybersecurity Foundation
Cool!
From this test they are all excellent.
In my opinion it is also useful to understand at what level one is protected. I would prefer level 1 protection rather than level 3 with the same 100% protection result.