Unfortunately when I pressed “English” the description still came up in Russian, which is not a big deal for me So…
Также в тесте участвовали две специальные программы для проактивной защиты от новейших видов угроз класса HIPS (Hosted Intrusion Prevention System):
1. DefenceWall HIPS 2.56
2. Safe'n'Sec Personal 18.104.22.1680
Also two special programs for proactive defense against the newest types of threats "class HIPS" participated in this test...
I don't know why they call it "class HIPS"or type-HIPS ???, but that is how they put it and therefore I placed it in quotes.
And that’s where the problem exists, as far as I understand.
HIPS and alike and separately Behavioral Blockers (that do work differently - stressing) should be the subject of such tests. Only those should participate when we are talking about “zero days” … Antiviruses basically ( any ) are total failure against those and we know that.
Further they are describing that all AVs were set “as default” for auto-updates etc.
So what? that is a major weakness of any AV anyway.
“Zero day” … or “zero-half-an-hour”? … probably “zero last minute?”
What is that critical time frame we are talking about within which any AV will definitely find itself in a deep crapper?
Therefor I really don’t care about test like this … and who was or was not paid.
That is just wrong methodology.
That is similar to seeing Mamutu at the last place with “failed” verdict in Firewall tests
(haven’t we all seen that?)
At the same time Mamutu is the best Behavioral Blocker currently… …and so on …
Actually in addition to what I answered to J_G - readings a bit more.
The testers admitted that
К сожалению, в ходе длительного проведения теста полученных результатов, некоторые вендоры выпустили обновления своих продуктов, что не могло быть отражено в итоговых результатах
Unfortunately due to long time of carrying out of the test and getting the results, some vendors issued updated (versions of) products and that could not be reflected in the final set of the concluding results
IIRC an old version of Mamutu was tested in matousec Proactive challenge failing even the most baseline termination tests (Kill1 and Kill2) but passing a test named Leaktest meant to finds out whether the tested product filters outbound TCP traffic…
An EMSI representative did apparently represent that whole stss suite as a firewall leak testing one…
2008-11-29 (Mamutu 22.214.171.124 scored 2%):
Emsi Software GmbH – the vendor of Mamutu
In our opinion Mamutu is completely misplaced in this test. Mamutu is not a firewall, but a behavior blocker, designed to detect and block real malware samples only, not to pass a firewall leaktest. For us, the test results are useless because the product was tested for features that Behavior Blockers are not intended to provide in general. In oposite to Matousec, we think that Firewalls, Behavior Blockers and HIPS are not the same type of software and therefore they can not be tested and compared as they were the same.
Emsi Software GmbH
Matousec reply was:
We are testing a specific kind of security software which must meet some [url=http://www.matousec.com/projects/proactive-security-challenge/faq.php#product-requirements]fixed criteria[/url] in order to be included to our project. The main criterion is to implement a process-based security. Proactive Security Challenge is designed to test Internet security suites, personal firewalls, HIPS products, behavior blockers and other behavior based systems. Mamutu met all the required criteria and hence there was no why not to include Mamutu to our project after we received several requests from our visitors. All the products included to our project implement similar features. These security features are tested in our project. We believe that using a set of open tests is the only objective way to compare all the products that implement the very same features. There are various tests used in Proactive Security Challenge, only a part of the used testing suite is based on leak-tests.
My answers here were about the versions as original poster asked.
In addition I expressed my view that the pointed two or similar “additional” Software are indeed intended to be tested against zeo-days – separately, but not the AVs together with them.
My opinion is that the answer by Christian Mairoll was correct and Mamutu should not be tested amongst Firewalls.
… but anyway, since we agreed once – as soon as you are in the thread - I am out of that thread, because that will lead to endless “jumping-jack-self-quoted” replies of yours and discussion going nowhere.
If you meant to reply about tested products being linked to in the OP post then Mamutu is strikingly out of place even more if you actually meant to rephrasematousec tests in the same way some EMSI representative did.
And here I was inclined to ask you, despite such all-along undisclosed agreement ( ??? )I never was aware of so far ( 88) ), if you recently ran what you defined the “best Behavioral Blocker currently” against many of such stss termination tests at least…
Because when I got to check something your opinion appeared to hint at, I had the definite impression some of your words were to be read like “That is similar to seeing Mamutu failing to prevent self termination as a Behavior blocker” (haven’t we all seen that?)…
Nevertheless I got to know your definite self-referencing opinion about Mamutu value and even some clarification about your thoughts about that EMSI representative opinion about Proactive tests I “jumping jack” quoted and linked, whenever I got none about the related matousec reply whereas I won’t have everybody to rely on my words alone if I can link a post containing somebody else words along with mine.