Mailing List Archive

Not that I am aware of that is current. Most of those tests you have to pay for, and the vendors who are in the tests pay for them.

Sent from my ? iPhone

On Mar 29, 2021, at 19:05, María Belén Bonino via clamav-users <clamav-users@lists.clamav.net> wrote:

?
Hey there!
Are there any independent testing results to show the current ClamAV detection rate?

Thank you so much,


Maria Belen Bonino

Backend Engineer

maria.bonino@invoice2go.com<mailto:maria.bonino@invoice2go.com>

+61 413 535 624


[https://lh5.googleusercontent.com/s3HHh0JuIsN31afX_ctFCoMwHHq078JBuy4VzrL6xF3sYj7_1ZuA9RtoD4Py9ZUj0yaQs71I7uiBNIyMabYsrfVrb25O7_LH8smsQyDCa901WnQg8NrSZjxG8Lt2wT4-UhhNo-_w]


_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Hi Joel, thanks for your reply.

Yeah, I thought so. So there are no available reports on the current
detection rate?


Maria Belen Bonino

Backend Engineer

maria.bonino@invoice2go.com

+61 413 535 624




On Tue, 30 Mar 2021 at 10:10, Joel Esler (jesler) <jesler@cisco.com> wrote:

> Not that I am aware of that is current. Most of those tests you have to
> pay for, and the vendors who are in the tests pay for them.
>
> Sent from my ? iPhone
>
> On Mar 29, 2021, at 19:05, María Belén Bonino via clamav-users <
> clamav-users@lists.clamav.net> wrote:
>
> ?
> Hey there!
> Are there any independent testing results to show the current ClamAV
> detection rate?
>
> Thank you so much,
>
>
> Maria Belen Bonino
>
> Backend Engineer
>
> maria.bonino@invoice2go.com
>
> +61 413 535 624
>
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
>

I would expect Joel would know if there were since it's his program.

-Al-

> On Mar 29, 2021, at 16:42, María Belén Bonino via clamav-users <clamav-users@lists.clamav.net> wrote:
>
> So there are no available reports on the current detection rate?

Hello Maria,

Le 30/03/2021 à 01:03, María Belén Bonino via clamav-users a écrit :
> Hey there!
> Are there any independent testing results to show the current ClamAV
> detection rate?

Since years, we publish our daily statistics :
https://www.securiteinfo.com/attaques/hacking/stats_malwares_internet.shtml

The page is in french, but you can use Google traduction :

https://translate.google.com/translate?sl=fr&tl=en&u=https://www.securiteinfo.com/attaques/hacking/stats_malwares_internet.shtml

--
Cordialement / Best regards,

Arnaud Jacques
Gérant de SecuriteInfo.com

Téléphone : +33-(0)3.60.47.09.81
E-mail : aj@securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
Signatures for ClamAV antivirus : http://ow.ly/LqfdL

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Hi there,

On Tue, 30 Mar 2021, María Belén Bonino via clamav-users wrote:

> Are there any independent testing results to show the current ClamAV
> detection rate?

You will get better answers if you ask better questions. :)

What are you looking to detect? In what body of data? Do you treat
zero-day threats separately? Do you take precautions specifically to
avoid these?

Not exactly very current, but I've posted estimates I've made here in
the past which you should be able to find in the archives. There will
be better searches you can do, but for e.g. serch for 'detection rate'
at MARC:

https://marc.info/?l=clamav-users&w=2&r=1&s=detection+rate&q=b

and read some of my posts.

I'm generally only looking for spam in mail. I keep fairly well on
top of the patching, and thankfully I don't have to manage Windows
boxes any more, so malware-type threats aren't very interesting to me
and anyway our ClamAV server gets to see precious few of them because
of the other defences which precede it in the mail processing. Having
said that I think it's more or less fair to say that at this moment if
you exclude my own Yara rules ClamAV is detecting around 25% the spam,
and that detection rate is provided almost entirely by the third-party
databases. Predominantly it's Sansecurity doing the heavy lifting but
I don't think you can even rely on that; I don't know what would
happen if for example I removed the Sansecurity databases to see what
the others would find. Limitations in the clamd API make it awkward
to find out. That's a much-delayed work in progress here, and my wife
is giving me grief about crumpets as I write.

If you want to dig more deeply into this then I can let you have some
numbers by grepping logs - but it would take some time and I'd first
need better terms of reference from you.

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml