Hi there, On Sun, 9 Jul 2017, Michael Jeung wrote:
Re: ClamAV comparison
... A cursory survey of published AV comparisons shows ClamAV being outperformed by a lot of other (commercial) products. ... In terms of efficacy, these comparisons seem to rank ClamAV very poorly. :(
Having used ClamAV for more than a decade, this matches my experience. Now and then I've posted a few statistics here, search the archives.
I'm curious if anyone knows the reason why? Are these tests conducted fairly? Do the commercial products - like Sophos or BitDefender - have better virus definitions?
I do not know the answers to these questions. I do suspect that some organizations apply far more resources, both to the crafting of code in their products and to the production of definitions, than SourceFire in the case of ClamAV. It has to be said that SourceFire sells commercial products with which a free version of ClamAV might be seen as competing. My use of ClamAV is possibly not typical, in that my main reason for using it is access to the so-called 'third-party' signature databases. For a rather broad definition of 'malicious' these are very effective in my experience in detecting malicious email content. It's possible that the comparisons which you mention ignored third-party signatures, and even the threats which they address, and that the results might otherwise have been different. The Sanesecurity databases, to single out one particularly good provider, do a pretty good job for me. -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
