Producer Information

F-Secure is a unique software that contains additional tools to secure end user’s devices. It protects against a wide range of threats. F-Secure used to be responsible for the business part, but as of July 2022, WithSecure has focused on endpoint security, and managed services for small and medium-sized businesses, while F-Secure implements a security strategy for the consumer market.

Key Features of F-Secure

F-Secure Total includes a VPN recommended by AVLab which should be used primarily by users who own smartphones that no longer receive updates. The VPN encrypts all network communication, so it is possible to access sensitive data even over an unsecured Wi-Fi network. In addition, the VPN allows to block ads and tracking scripts, and this is already a very desirable feature especially on smartphones.

The software for Windows and macOS includes a module to protect online transfers certified by AVLab. During an active banking session, all other Internet connections are stopped for the duration of this special protection. This prevents connections from being established so malware cannot connect to the hacker’s server.

An important module is the so-called monitoring of an e-mail or other information entered by a user for data leak. F-Secure works with third-party operators to scan the Tor network for stolen data and provide altering and assistance in the event of a leak.

F-Secure is known mainly for the good antivirus protection. It secures against 0-day malware through an advanced analysis of unknown threats (DeepGuard technology).

Selected Awards

Certificates that confirm the high quality of software and effectiveness in protecting against threats and attacks in real time.

We awarded the certificate for the highest quality of protection against Internet threats in the Advanced In The Wild Malware Test.

Certificates are granted to solutions that are characterized by a high level of security in the Advanced In The Wild Malware Test.

The TOP Remediation Time award reflects the fast response to threats by completely neutralizing the entire malware “lifecycle”.

We award developer who perfectly respond to cyberattacks reproducing the theft of payment data, or even the manipulation of information by banking Trojans.

Certificates are granted to solutions that are characterized by a high level of security in the Advanced In The Wild Malware Test.

Advanced In The Wild Malware Test

Recent Results in March 2024

Tested on default settings

F-Secure Total

Blocked: 459/459
Total: 100%

PRE-LAUNCH: This classification references the detection of malware samples before they are launched in a live system.

POST-LAUNCH: This indicates an analysis level, i.e., an attack has executed and has been blocked by a tested product.

FAIL: This classification indicates a detection failure, i.e., an attack has NOT been blocked and has infected a system.

Remediation Time in a Nutshell

March 2024



Average Remediation Time of active threats



Fastest Remediation Time of one single threat



Longest Remediation Time of one single threat



or active threats
after Remediation

Remediation Time (RT) Legend
The time expressed in seconds from the introduction of malware into the system by a browser, through the launch, to detection and reaction by product on a security incident. The Remediation Time may depend on the real activity of the malware, which may increase calculated time.

remediation time

Example indicators

We can completely automate security tests carried out. For instance, we are able to record events of blocking an attack by a specific technology implemented in a product. If a product reacts to a malicious modification of the system, this kind of information is saved in the Windows event log or the local logs of the protection solution. We can capture such modification using the Windows API. For example, the activity of moving a virus to quarantine or running malware in a sandbox will cause the reading of a relevant key from the Windows registry or executing an action by a process. Then, we can mark recorded indicators as a detected attack, a blocked network connection, or an infected file removal. Here are some example indicators:

 ESET Internet Security:

C:\ProgramData\ESET\ESET Security\Logs\virlog.datMalware was removed or cured
*AppData\Local\ESET\ESET Security\QuarantineMalware was quarantined
C:\ProgramData\ESET\ESET Security\epfwlog.datBlocking of traffic by a firewall
C:\ProgramData\ESET\ESET Security\Logs\urllog.datBlocking of malware on a website

See the previous results

You can always go back in time and check how each individual security product performed during previous editions of the test. We make the results from all previous tests available to you to verify if your favorite developer has improved protection against latest malware in his security software.