Corporate Endpoint Protection Group Test Socially-Engineered Malware via Multiple Attack Vectors Q3 2010

Socially-engineered malware can make its way onto a PC in several ways. These different attack vectors include being downloaded from a website on the public internet (or private intranet), from file servers, peer-to-peer file sharing applications, USB flash drives, sent via email and even dropped as a result of a drive-by download (aka exploit). While the most common delivery mechanisms have been via the web and email, this is changing as attackers aggressively use any entry points or attack vectors to get software onto a victim PC.

This test report summarizes the protection against multiple attack vectors offered by 10 leading Endpoint Protection Products (EPP). The test encompasses the following entry points for malware and exploits:

• Downloads from the web
• Malware sent in email, opened by outlook clients
• Malware accessed via network file share and USB flash drive

Tested Products:

• AVG® Internet Security Business Edition
• ESET Smart Security® Enterprise
• F-Secure® Client Security for Business
• Kaspersky Business Space Security with Internet Security
• McAfee® Total Protection for Endpoint
• Norman® Endpoint Protection
• Panda Internet Security (Enterprise)
• Sophos Endpoint Security and Control
• Symantec™ Endpoint Protection
• Trend Micro™ OfficeScan Plus IDF Plug-in

This test utilized socially-engineered malware samples collected from the internet during the time of the test, and we did not modify or applyany additional evasion techniques to the attacks. All testing was conducted independently and without sponsorship. No malware samples were shared with the vendors.

Endpoint Category
Subscription required