AVLab is an independent organization that conducts tests on security software for corporate networks and individual user devices. These tests are conducted by using malicious software, tools, and bypassing security techniques that are used in real cyberattacks.
In October 2017, AVLab conducted a Fileless Malware Protection Test. In this test, AVLab experts tested various security software products against fileless malware (described below). The experts used the techniques and tools that are applied by cybercriminals to launch such attacks. Seqrite Endpoint Security Enterprise Suite was one of the tested security software products.
What is a fileless malware?
First, let’s understand how a traditional antivirus works:
- During an attack, a malicious executable file is placed on the computer’s hard drive.
- The antivirus gets into action and analyzes this file.
- If the infection is identified, the malicious file gets quarantined (isolated) or removed by the antivirus.
Coming back to ‘fileless malware’ – as its name suggests, it refers to a cyberattack where no ‘files’ are involved. In other words, unlike the scenario described above, a fileless malware does not place an executable file on the disk. It instead operates in the computer’s internal memory. This means a traditional antivirus software will have a hard time detecting a fileless malware infection because there is no ‘malicious file’ to detect! By using a fileless malware, attackers can hide their presence in your computer and cause all sorts of damage (stealing information, downloading additional malware, and gaining access to higher privileges, etc.) without raising an alarm.
Imagine a fileless malware infection as a situation where a criminal is hiding in your house and you have no clue about it. Scary, isn’t it?
So, the Fileless Malware Protection Test involved using various security software products and determining how effective they are in detecting and blocking a fileless malware attack. And in this test, Seqrite Endpoint Security Enterprise Suite was awarded the BEST+++ Certificate.
A BEST+++ Certificate implies that Seqrite Endpoint Security Enterprise Suite was able to stop all sorts of fileless malware attacks that were carried out in AVLab’s Fileless Malware Protection Test.
Download the PDF below to get a thorough insight into the test and its results.