Hi,
I am considering buying Webroot, however although I feel the antivirus protection seems to be very good, I feel the anti-phishing, and url malware protections seem to be a bit weaker (as per PcMag review). Also, does Webroot protect the user from network exploits ? PcMag article says the product does not help to protect against network exploits.
Network exploit protection
Userlevel 3
+13
Userlevel 7
Hi Carlos
It depends on what you understand by a 'network exploit' & what yo udefine as 'network protection'?
The Home or Consumer version of WRSA works to protect the client system it is installed on and therefore by dint of this any networked exploit that happens to hit a client would normally be protected against.
In terms of the Endpoint Security or Business version things are different. Please see this FAQ page on that version of the product in relation to network protection
Would you please advise as to your understanding of the terms above?
Regards, Baldrick
PS: you have posted in the Consumer or Home version related part of the Community when you may have meant to post in the Business/Endpoint part?
It depends on what you understand by a 'network exploit' & what yo udefine as 'network protection'?
The Home or Consumer version of WRSA works to protect the client system it is installed on and therefore by dint of this any networked exploit that happens to hit a client would normally be protected against.
In terms of the Endpoint Security or Business version things are different. Please see this FAQ page on that version of the product in relation to network protection
Would you please advise as to your understanding of the terms above?
Regards, Baldrick
PS: you have posted in the Consumer or Home version related part of the Community when you may have meant to post in the Business/Endpoint part?
Userlevel 3
+13
Hi Baldrick,
Quoting PCMag article
("It doesn't attempt to fend off network-based exploits. I hit the test system with about 30 exploits generated by the CORE Impact penetration tool and, indeed, it didn't interfere with them. Since the test system is fully patched, the exploits also didn't do any actual damage.")
So here the exploit did not work because the system was fully patched, however what will happen if it isn't. This is an important issue for me since other products do completely shield you from such exploits even if the system is not fully patched.
Regards,
Carlos
Quoting PCMag article
("It doesn't attempt to fend off network-based exploits. I hit the test system with about 30 exploits generated by the CORE Impact penetration tool and, indeed, it didn't interfere with them. Since the test system is fully patched, the exploits also didn't do any actual damage.")
So here the exploit did not work because the system was fully patched, however what will happen if it isn't. This is an important issue for me since other products do completely shield you from such exploits even if the system is not fully patched.
Regards,
Carlos
Userlevel 7
Hi Carlos
I repeat that the Home version of WRSA does not protect networks...it does not need to as it is designed to be installed on each client & protect each client individually...but if yo did connect to a network then anything that hits the client from the network will be intercepted...when it goes active. WRSA does not worry about inactive malware...if they are inactive they cannot hurt the system...logical really.
It is the Endpoint Security version that handles protection for networks.
Are you looking at the correct version? As far as I am aware PCMag reviewed the former rather than the latter...but I stand to be corrected on that.
Regards, Baldrick
I repeat that the Home version of WRSA does not protect networks...it does not need to as it is designed to be installed on each client & protect each client individually...but if yo did connect to a network then anything that hits the client from the network will be intercepted...when it goes active. WRSA does not worry about inactive malware...if they are inactive they cannot hurt the system...logical really.
It is the Endpoint Security version that handles protection for networks.
Are you looking at the correct version? As far as I am aware PCMag reviewed the former rather than the latter...but I stand to be corrected on that.
Regards, Baldrick
FWIW ~ I'm familiar with your PCMag reference.@ wrote:
Hi,
I am considering buying Webroot, however although I feel the antivirus protection seems to be very good, I feel the anti-phishing, and url malware protections seem to be a bit weaker (as per PcMag review). Also, does Webroot protect the user from network exploits ? PcMag article says the product does not help to protect against network exploits.
I asked Support (04/2017) about the results, I observed with WICAR.org - Test Your Anti-Malware Solution!.
I observed....Webroot blocks the domain, not the payload-tests.
Support advised "WSA is not an anti-exploit type tool, and as such provides blocking tech in the form of the BrightCloud reputation service. You can review the information at brightcloud.com."
I'm open to correction.
Thanks
Userlevel 3
+13
Hi,
Thanks for the update, so I am talking about the home product not the business product. My understanding is that Webroot does not prevent the exploit from happening but would rather prevent the payload from launching or working in the machine.
Regards,
Carlos
Thanks for the update, so I am talking about the home product not the business product. My understanding is that Webroot does not prevent the exploit from happening but would rather prevent the payload from launching or working in the machine.
Regards,
Carlos
Userlevel 7
Hi Carlos
That is correct...the WRSA philosophy, for want of a better term, is simply put 'don't waste time and resources for threats that are not threats, i.e, malware that is in active. Concentrate resources on detecting & killing malware as soon as it tries to go active'.
As I said...this is a broad explanation of the approach...and not meant to be a detailed technical one.
Hope that helps?
Regards, Baldrick
That is correct...the WRSA philosophy, for want of a better term, is simply put 'don't waste time and resources for threats that are not threats, i.e, malware that is in active. Concentrate resources on detecting & killing malware as soon as it tries to go active'.
As I said...this is a broad explanation of the approach...and not meant to be a detailed technical one.
Hope that helps?
Regards, Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.