Comparative test of anti-virus products on Windows 7

Graham Cluley
Graham Cluley
@[email protected]

The latest edition of Virus Bulletin magazine has described its recently published investigation of 43 anti-virus products on the Windows 7 platform their “biggest month of testing ever”, producing an exhaustive 27 page report examining the detection abilities of different security solutions.

Not only does the December 2009 edition of Virus Bulletin award Sophos Endpoint Security the prestigious VB100 award for detecting all the in-the-wild viruses without false alarming, but Sophos also achieved a perfect 100% score against worms, bots and polymorphic malware. This meant that Sophos outperformed a number of other products which failed to detect 100% of the viruses in the wild.

Even more impressive, from Sophos’s point of view, was Sophos’s performance in Virus Bulletin’s RAP (“Reactive and Proactive”) test, helping users form a better impression of the heuristic and generic proactive detection capability of security software – in particular how well products perform against malware that appears after vendors have submitted their products to Virus Bulletin for testing.

Yes, that’s right – this was the malware which emerged once Virus Bulletin had our software and had frozen its ability to update itself. In other words, Virus Bulletin was testing each product’s ability to proactively detect unknown malware.

Sign up to our free newsletter.
Security news, advice, and tips.

VB RAP chart, comparing reactive and proactive performance against malware

In this test, harder than any other, Sophos achieved a higher ranking than any other product tested with 73.2%.

Virus Bulletin commented on Sophos’s performance:

"Detection rates were particularly good in the RAP sets where some excellent figures were noted, especially in the proactive set; we observed enormous numbers of detections being covered by a relatively tiny number of unique identities, so it seems like Sophos's focus on generic coverage is paying dividends."

As a comparison, McAfee and Symantec scored 53.98% and 17.66% respectively in that same proactive test.

With both a VB100 win, and an extremely impressive performance against unknown malware you can understand why our marketroids might wish to toot the Sophos horn.

This is the 49th time Sophos has won the VB100 award from the independent testers at Virus Bulletin for its protection capabilities. You can find full details of the review in the December 2009 edition of Virus Bulletin magazine (Sorry, I think you may need to be a paid-up subscriber to VB to read the full report, but a summary can be read here).

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.