Recommendation

PROCEDURE OF OBTAINTING CERTIFICATE

awards2 ico
awards awards

What is the certificate?

The AVLab’s certificate issued since 2019 confirms suitability of tested solution in protection against malicious software and cyberattacks.

Why is it worth having the certificate?

  • Join the developers certificated by the independent organization.
  • Use the certificate for marketing purposes, e.g. place it on your website, promote your company in a magazine, allow potential customers to see that you own a reputable solution.
  • Safely test out your solution in a controlled environment.
  • Receive feedback and improve the effectiveness of security product.

Does the certificate cost anything?

The certificate is granted free of charge. The only fee you have to pay is for carrying out tests.

A fee for tests is not strictly equivalent to granting the certificate.

A very small fee treated by both parties as a compensation for work and improvement of users safety. Without a financial help, it would not be possible to maintain the infrastructure, continuously improve procedures and necessary tools that are needed for carrying out tests.

How to get the certificate?

All you need to do is send us the so-called indicators that will help to establish the reaction of tested solution to malicious software or cyberattacks. We will do the rest.

How we test?

After the tests you will get access to:

  • Malware samples used.
  • Logs of tested solution saved.
  • Report on recorded indicators.
  • Report containing the activity of malicious software.
  • Report on other modifications in the operation system.

How we test?

After the tests you will get access to:

  • Malware samples used.
  • Logs of tested solution saved.
  • Report on recorded indicators.
  • Report containing the activity of malicious software.
  • Report on other modifications in the operation system.

Obtaining the certificate

In order to obtain the AVLab’s certificate, tested solution must be extraordinarily effective at blocking cyberattacks and malicious software.
Recommendations are granted on the basis of the predefined threshold:

avlab excellent march 2021

The Certificate EXCELLENT
for the result of 100%.

avlab superior march 2021

The Certificate SUPERIOR
for the result of at least 95%.

avlab valuable march 2021

The Certificate VALUABLE
for the result of at least 90%.

If you are interested in our offer or want to get more information...

Example indicators

We can completely automate security tests carried out. For instance, we are able to record events of blocking an attack by a specific technology implemented in a product. If a product reacts to a malicious modification of the system, this kind of information is saved in the Windows event log or the local logs of the protection solution. We can capture such modification using the Windows API. For example, the activity of moving a virus to quarantine or running malware in a sandbox will cause the reading of a relevant key from the Windows registry or executing an action by a process. Then, we can mark recorded indicators as a detected attack, a blocked network connection, or an infected file removal. Here are some example indicators:

 ESET Internet Security:

ANTIVIRUS INDICATORS DESCRIPTION
C:\ProgramData\ESET\ESET Security\Logs\virlog.dat Malware was removed or cured
*AppData\Local\ESET\ESET Security\Quarantine Malware was quarantined
C:\ProgramData\ESET\ESET Security\epfwlog.dat Blocking of traffic by a firewall
C:\ProgramData\ESET\ESET Security\Logs\urllog.dat Blocking of malware on a website

Sophos Endpoint Protection:

ANTIVIRUS INDICATORS DESCRIPTION
C:\ProgramData\Sophos\Sophos Anti-Virus\INFECTED Information on a quarantine
HKLM\SOFTWARE\WOW6432Node\Sophos\SAVService\ThreatLifetime\Threats Message about a threat found
C:\ProgramData\Sophos\Health\Event Store\Incoming\SAV-{67E677B9-A7CC-4136-B97E-B901C48655DC}.json Threat found
HKLM\SOFTWARE\WOW6432Node\Sophos\Health\ThreatNotification\Severity Threat notification
HKLM\SOFTWARE\WOW6432Node\Sophos\SAVService\Status\Infected\* Elevated security status
C:\ProgramData\Sophos\Sophos Anti-Virus\Temp\* Information on a threat

Comodo Internet Security:

ANTIVIRUS INDICATORS DESCRIPTION
C:\ProgramData\Comodo\Cis\Quarantine\* Malware was quarantined
C:\VTRoot\* Virus was run in a sandbox
C:\ProgramData\Comodo\Firewall Pro\cislogs.sdb Information on an event in a firewall
HKLM\SYSTEM\VritualRoot\* Information on running in a sandbox

Wyrażam zgodę na przesłanie oferty drogą telefoniczną przez IT Partners security sp. z o.o. z siedzibą Katowicach ul.Padereskiego 35 na podany przeze mnie adres e-mail zgodnie z ustawą z dnia 10 maja 2018 roku o ochronie danych osobowych (Dz. Ustaw z 2018, poz. 1000) oraz zgodnie z Rozporządzeniem Parlamentu Europejskiego i Rady (UE) 2016/679 z dnia 27 kwietnia 2016 r. w sprawie ochrony osób fizycznych w związku z przetwarzaniem danych osobowych i w sprawie swobodnego przepływu takich danych oraz uchylenia dyrektywy 95/46/WE (RODO).

Wyrażam zgodę na przesłanie oferty drogą mailową przez IT Partners security sp. z o.o. z siedzibą Katowicach ul.Padereskiego 35 na podany przeze mnie adres e-mail zgodnie z ustawą z dnia 10 maja 2018 roku o ochronie danych osobowych (Dz. Ustaw z 2018, poz. 1000) oraz zgodnie z Rozporządzeniem Parlamentu Europejskiego i Rady (UE) 2016/679 z dnia 27 kwietnia 2016 r. w sprawie ochrony osób fizycznych w związku z przetwarzaniem danych osobowych i w sprawie swobodnego przepływu takich danych oraz uchylenia dyrektywy 95/46/WE (RODO).

[ninja_tables id=”27481″]