https://www.mrg-effitas.com/current-tests/
(MRG Effitas Project 40)
Nice Report Webroot
Userlevel 6
Userlevel 7
Hi RR
How are you doing? Well I hope?
Thanks for that. Had missed it. Very nice article. :D
Cheers
Solly
How are you doing? Well I hope?
Thanks for that. Had missed it. Very nice article. :D
Cheers
Solly
Userlevel 6
Doing well...lots of distractions currently so I haven't been around very much. I liked Level 2.
Userlevel 7
+56
Thanks RR you should post that in the Community as well or would you like me to move it there?
Userlevel 6
Go ahead...I'm workng on some house repairs.
Userlevel 7
Good idea Daniel and thanks for sharing that RomopinRaider!
Userlevel 7
What I find fascinating is that whilst SafeMOney (KIS) is clearly very safe it is so much heavier in use than the same protection provided by WSA. As an ex-KIS user (run in parallel with WSA for many years) the performance impact & technical inelegance (IMHO) of SafeMoney was one of the reasons for ditching KIS completely.
It is nice to see Webroot's efforts so clearly rewarded amongst a field that few could call 'shrinking violets' or 'inconsequential' players in the security app market. :D
It is nice to see Webroot's efforts so clearly rewarded amongst a field that few could call 'shrinking violets' or 'inconsequential' players in the security app market. :D
Userlevel 7
Ah great result for WSA. Thanks for sharing Rompin.:)
Userlevel 6
Well done Webroot! :)
Userlevel 3
Hi All,
Just to clear up an issue raised on the Wilders forum here:
http://www.wilderssecurity.com/threads/mrg-effitas-online-banking-browser-security-assessment-project-q3-2013-q1-2014.365079/page-3
BoerenkoolMetWorst stated:
"Strangely enough, in both tests, the same version of WSA is used. When WSA previously failed banking tests, they improved the Identity Shield and released a new version. This leaves me curious to know if they really block the information-stealing behavior from the SpyEye in question, or only updated the cloud heuristics to block these SpyEye variations."
WSAs pass in the level two certification was not down to updated cloud heuristics. Our engineers liaised with the Webroot team to help them improve the secure browser technology so that it was able to prevent SpyEye from performing data exfiltration.
The Webroot team created an updated version of the product which we able to pass the SpyEye test - but it looks like we didnt update the version number in the report.
Hope this clears this matter up - and perhaps one of the mods here could clarify the situation in the wilders thread (as we try to avoid posting there)
Cheers,
Chris.
Just to clear up an issue raised on the Wilders forum here:
http://www.wilderssecurity.com/threads/mrg-effitas-online-banking-browser-security-assessment-project-q3-2013-q1-2014.365079/page-3
BoerenkoolMetWorst stated:
"Strangely enough, in both tests, the same version of WSA is used. When WSA previously failed banking tests, they improved the Identity Shield and released a new version. This leaves me curious to know if they really block the information-stealing behavior from the SpyEye in question, or only updated the cloud heuristics to block these SpyEye variations."
WSAs pass in the level two certification was not down to updated cloud heuristics. Our engineers liaised with the Webroot team to help them improve the secure browser technology so that it was able to prevent SpyEye from performing data exfiltration.
The Webroot team created an updated version of the product which we able to pass the SpyEye test - but it looks like we didnt update the version number in the report.
Hope this clears this matter up - and perhaps one of the mods here could clarify the situation in the wilders thread (as we try to avoid posting there)
Cheers,
Chris.
Userlevel 7
+56
Hi Chris,
Welcome to the Webroot Community! It would be nice if you or Sveta could post what you said here over at Wilders and then that will come from the source, and thanks for the clarification and I'm sure your Webroot contacts understand as well. Also@ is a member here.
Thanks,
Daniel 😉
Welcome to the Webroot Community! It would be nice if you or Sveta could post what you said here over at Wilders and then that will come from the source, and thanks for the clarification and I'm sure your Webroot contacts understand as well. Also
Thanks,
Daniel 😉
Userlevel 7
+62
Welcome Chris! Nice of you to drop by! Thank you for the information!!;)@ wrote:
Hi All,
Just to clear up an issue raised on the Wilders forum here:
http://www.wilderssecurity.com/threads/mrg-effitas-online-banking-browser-security-assessment-project-q3-2013-q1-2014.365079/page-3
BoerenkoolMetWorst stated:
"Strangely enough, in both tests, the same version of WSA is used. When WSA previously failed banking tests, they improved the Identity Shield and released a new version. This leaves me curious to know if they really block the information-stealing behavior from the SpyEye in question, or only updated the cloud heuristics to block these SpyEye variations."
WSAs pass in the level two certification was not down to updated cloud heuristics. Our engineers liaised with the Webroot team to help them improve the secure browser technology so that it was able to prevent SpyEye from performing data exfiltration.
The Webroot team created an updated version of the product which we able to pass the SpyEye test - but it looks like we didnt update the version number in the report.
Hope this clears this matter up - and perhaps one of the mods here could clarify the situation in the wilders thread (as we try to avoid posting there)
Cheers,
Chris.
Userlevel 7
Hi Chris,@ wrote:
Hi All,
Just to clear up an issue raised on the Wilders forum here:
http://www.wilderssecurity.com/threads/mrg-effitas-online-banking-browser-security-assessment-project-q3-2013-q1-2014.365079/page-3
BoerenkoolMetWorst stated:
"Strangely enough, in both tests, the same version of WSA is used. When WSA previously failed banking tests, they improved the Identity Shield and released a new version. This leaves me curious to know if they really block the information-stealing behavior from the SpyEye in question, or only updated the cloud heuristics to block these SpyEye variations."
WSAs pass in the level two certification was not down to updated cloud heuristics. Our engineers liaised with the Webroot team to help them improve the secure browser technology so that it was able to prevent SpyEye from performing data exfiltration.
The Webroot team created an updated version of the product which we able to pass the SpyEye test - but it looks like we didnt update the version number in the report.
Hope this clears this matter up - and perhaps one of the mods here could clarify the situation in the wilders thread (as we try to avoid posting there)
Cheers,
Chris.
Thanks for the info!
Beth
Userlevel 4
Thanks for the explanation Chris :)@ wrote:
Hi All,
Just to clear up an issue raised on the Wilders forum here:
http://www.wilderssecurity.com/threads/mrg-effitas-online-banking-browser-security-assessment-project-q3-2013-q1-2014.365079/page-3
BoerenkoolMetWorst stated:
"Strangely enough, in both tests, the same version of WSA is used. When WSA previously failed banking tests, they improved the Identity Shield and released a new version. This leaves me curious to know if they really block the information-stealing behavior from the SpyEye in question, or only updated the cloud heuristics to block these SpyEye variations."
WSAs pass in the level two certification was not down to updated cloud heuristics. Our engineers liaised with the Webroot team to help them improve the secure browser technology so that it was able to prevent SpyEye from performing data exfiltration.
The Webroot team created an updated version of the product which we able to pass the SpyEye test - but it looks like we didnt update the version number in the report.
Hope this clears this matter up - and perhaps one of the mods here could clarify the situation in the wilders thread (as we try to avoid posting there)
Cheers,
Chris.
I've posted it on Wilders.
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.