AV choice

Fred Claus

I'm old school and think that paid AV is better than free. Is that still true today? Most of my clients are residential, with some of them being micro business clients as well. Some advice that I've been getting on other forums is that the free antivirus, Windows Security Essentials, that comes on Windows 10 and 11 these days is just as good as the antivirus and anti-malware components of third-party software. What are the opinions on this forum?

Looking solely at anti-malware, anti-ransomware and anti-virus, is Windows Security Essentials just as good as, say, Bitdefender or Webroot? My clients don't need the feature-packed, top-of-the-line tools like Sophos or ESET. But they do need to be protected when they are online. Is Windows Security Essentials still good enough?
 
Windows Defender is darned good now, and starting a few versions of Windows 10 ago... you can also enable app security and some anti-ransomware measures.

Windows Defender, when managed by some upper licenses of Microsoft 365 that include Defender for Endpoint Security, can REALLY get some additional features enabled which make it a next gen endpoint that'll have features much like SentinelOne.
 
I'm sure you'll get many opinions, each with their own favorite solution. For residential clients, I don't believe Defender is better than paid AV, so I recommend the one I can manage, BitDefender plus Malwarebytes plus changing their DNS to the free servers from Quad9 + NextDNS. We also typically install an adblocker in the browser as well.
 
What I post about AV/Security suite choice, and have been for years now:

Look at the most recent testing results from the following antivirus/security testing labs, along with the historical results from the past several years if you want to see how Windows Security/Defender has been performing. Windows Security has been solidly in the top 10, often top 5, and frequently beats out several well-known competitors that one must pay for.

AV Test (See Windows test section)

AV Comparatives (Reports Page – Look at Real-World Threat Protection and Advanced Threat Protection Test reports)

SE Labs (Reports Page – Look at Endpoint Security Reports)

MRG Effitas (360° Assessment & Certification Reports)

If you look at these (and other) tests, over time, all of the "top 10"/"recommended options" shuffle positions depending on the exact state of affairs at the time of the test. The difference between first and fifth, or seventh, or tenth, is often not functionally significant when you look carefully at the metrics.

I can't see paying for anything beyond Windows Defender unless something were to change, significantly, in the longstanding state of affairs.
 
Thanks everyone. I was looking at the AV Comparatives site and Defender in the latest test blocked all but three, while BitDefender blocked all but two. Wow. Just a .2% difference between the one I pay 2.00 a month for and the one that is already on their computers.
 
Just a .2% difference between the one I pay 2.00 a month for and the one that is already on their computers.

And take a look at historical tests (and future ones, over time). Windows Defender has often beaten BitDefender and a number of others.

Again, much depends on the exact samples selected for testing and the precise state (including definitions loaded at the time) of the AVs tested. One could do better minutes or hours later if definition updates were included that had not as yet been applied at the moment of the testing.

There's very often very, very, very little functional real-world difference between all the competitors. Snapshots at a given moment in time will virtually always show differences, but actual protection "in the wild" is so thorough overall that it's effectively the same.
 
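The point made in the posts above, that a one-sample gap between two products in a single test round is not a functional difference, can be checked numerically. This is an added example, not code from any poster or test lab: it assumes 500 test cases per product (inferred from the ".2%" figure for a one-sample gap; the thread does not state the sample count), and the function names are hypothetical.

```python
from math import comb, sqrt

def wilson_interval(blocked, total, z=1.96):
    """95% Wilson score interval for a block rate (behaves well near 100%)."""
    p = blocked / total
    denom = 1 + z * z / total
    centre = (p + z * z / (2 * total)) / denom
    half = z * sqrt(p * (1 - p) / total + z * z / (4 * total * total)) / denom
    return centre - half, centre + half

def fisher_two_sided(miss_a, miss_b, total):
    """Two-sided Fisher exact p-value; each product saw `total` samples."""
    misses = miss_a + miss_b

    def prob(k):
        # Hypergeometric: chance product A owns k of the combined misses
        # if both products have the same underlying miss rate.
        return comb(total, k) * comb(total, misses - k) / comb(2 * total, misses)

    observed = prob(miss_a)
    return sum(prob(k) for k in range(misses + 1)
               if prob(k) <= observed * (1 + 1e-9))

def compare(miss_a, miss_b, total):
    """Summarise whether two miss counts are statistically distinguishable."""
    ci_a = wilson_interval(total - miss_a, total)
    ci_b = wilson_interval(total - miss_b, total)
    return {
        "ci_a": ci_a,
        "ci_b": ci_b,
        "overlap": ci_a[0] <= ci_b[1] and ci_b[0] <= ci_a[1],
        "p_value": fisher_two_sided(miss_a, miss_b, total),
    }

TOTAL = 500  # assumption: one missed sample == 0.2% of the test set

# Figures quoted in the thread: three misses versus two misses.
thread_case = compare(3, 2, TOTAL)
# Constructed contrast case: a gap large enough to be a real difference.
contrast_case = compare(30, 2, TOTAL)

if __name__ == "__main__":
    for name, r in (("3 vs 2 misses", thread_case), ("30 vs 2 misses", contrast_case)):
        print(f"{name}: A={r['ci_a'][0]:.4f}-{r['ci_a'][1]:.4f} "
              f"B={r['ci_b'][0]:.4f}-{r['ci_b'][1]:.4f} "
              f"overlap={r['overlap']} p={r['p_value']:.3g}")
```

With three misses against two, the confidence intervals overlap almost entirely and the exact test cannot separate the products; only a gap on the scale of the constructed contrast case would.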
I have some Defender-only clients, some Defender/MB Premium clients.
All clients have 3 extensions on all browsers: uBlock Origin, MB Browser Guard, and the Netcraft extension.

NO one has caught an infection ever.

All I hear from now are the ones that fall for an email scam.
 
Thanks, that's good to know.
 
I've been using Emsisoft for years and now I have it managed on my dashboard. No issues. I also set up the DNS on the PC and install uBlock Origin on the Chrome or Firefox browser for the client.
 
I concur with many posters above. For HOME use Windows Security is good enough, but always install a good Ad Blocker like uBlock Origin. And I try to ensure people use OpenDNS Family Shield or the CloudFlare equivalent as their default DNS resolvers.
 
NO one has caught an infection ever.

I actually haven't heard of an "old school infection" for years now. A big part of my early break-fix business was virus removal and cleanup, that ceased to be any part of my business quite a while back.

Anything even similar to that has always, and I do mean always, come about because someone fell for any one of a number of social engineering schemes where they, themselves, clicked through on links in "warning messages" designed to make them panic, or stupidly granted remote access to their machine to someone who called them (who wasn't me and where they hadn't sought out my assistance first).

Security suites also have become so thorough in being able to block virtually all the old infection methods. The fact that virtually everything that downloads, including email messages, is scanned prior to actually being saved where an end user can get to it has just about killed off all of the old infection methods.

This is why I have been pounding away with my clients that virtually all infections (if you were to get any) are the result of an action you take that you shouldn't have and that if anything puts you into a panic the best thing to do is nothing at that moment, because the moment of panic is not the moment of infection, but the moment you do something afterward that you shouldn't. Take a few breaths, think, and call me if necessary. It's seldom necessary to call me if the first two steps have been taken.
 