VirusBulletin (VB100) testresults on WS2008-R2 SP1

Forums General General Discussion Windows Security VirusBulletin (VB100) testresults on WS2008-R2 SP1

Viewing 0 reply threads
  • Author
    • #44892

        VB100 comparative review on Windows Server 2008-R2 SP1

        John Hawes

        The VB test team put 29 products through their paces on Windows Server 2008 and, for the first time ever on a Windows platform, all products achieved VB100-certified status.”


        RAP-chart, LARGE:


        Testreport, direct-download: (PDF):

        Summary information about RAP testing

        “The unique RAP (Reactive and Proactive) tests measure detection rates using the freshest samples available,
        at the time products are submitted to the test, as well as samples not seen until after product databases are frozen.
        This provides a measure of both the vendors’ ability to handle newly emerging malware, and their accuracy in detecting previously unknown malware.

        The four-test RAP averages quadrant allows at-a-glance comparison of detection rates by these criteria.”

        “The RAP tests are run according to the following procedures:

        RAP samples are split into four sets. The set known as ‘week +1’ is gathered in the period from one to seven days after the product submission deadline.
        The ‘week -1’ set covers the deadline day itself and the six previous days.
        The ‘week -2’ set includes samples gathered eight to 14 days before the deadline,
        and the ‘week -3’ set consists of samples gathered 15 to 21 days before the deadline.”

        “For each product entered for a review, we measure detection using our standard on-demand scanning procedure;
        this uses default product settings and ignores detections labelled as ‘suspicious’ only.
        Scores used in the per-test RAP quadrants are labelled ‘Proactive’ (the ‘week +1’ score),
        and ‘Reactive’ (the average of the scores for weeks -1, -2 and -3).
        Scores used in the four-test RAP averages quadrant are the averages of each score over the last four tests.
        In the per-test quadrants, products with false positives in the test in question are marked by striking through the product identifier.
        For the four-test RAP averages quadrant, such scores are excluded when calculating averages.”

        Full details of the RAP scheme:

        The X-axis (horizontal) is detection of “new” malware (“0-day”), and the Y-axis (vertical) is detection of “old” malware.
        So a good antimalware-program should be at the upper-right corner.

    Viewing 0 reply threads
    • You must be logged in to reply to this topic.