Skip to main content

Webroot gets AAA rating in first official testing

Webroot gets AAA rating in first official testing
Forum|alt.badge.img+48

As many of you know, because of Webroot's unique way of identifying threats, it has never officially been included in public tests. Previous test methodologies simply haven't been devised to test Webroot according to the way it works to detect and block threats.

While still a work in progress, we’re happy to announce our first public testing in SE Labs Small Business Endpoint Protection Oct-Dec 2020. The result was a AAA rating for Webroot.

It's important to note that these results are only achieved when the new Script protection component of the Webroot Evasion Shield is activated. If you have yet to enable this feature, you can find directions for how to do so here.

Did this help you find an answer to your question?
This topic has been closed for comments

25 replies

Forum|alt.badge.img+8
  • New Voice
  • 36 replies
  • January 29, 2021

Could you please show where Webroot is awarded AAA status? I can’t seem to find it. From the following link dated Oct-Dec 2020, Webroot is only awarded AA status: https://selabs.uk/wp-content/uploads/2020/12/oct-dec-2020-home.pdf (Page  6 &7)

 

Update: Correct link provide below by @TripleHelix:

https://selabs.uk/wp-content/uploads/2020/12/oct-dec-2020-smb.pdf


TripleHelix
Moderator
Forum|alt.badge.img+63
  • Moderator
  • 8783 replies
  • January 29, 2021

SE Labs Small Business Endpoint Protection Oct-Dec 2020.

 

Right here: https://selabs.uk/wp-content/uploads/2020/12/oct-dec-2020-smb.pdf

 


MajorHavoc
Bronze VIP
Forum|alt.badge.img+25
  • Bronze VIP
  • 1262 replies
  • January 29, 2021

Congrats 


Forum|alt.badge.img+8
  • New Voice
  • 36 replies
  • January 29, 2021

Thanks @TripleHelix for the correct link.


tmcmullen
Popular Voice
Forum|alt.badge.img+6
  • Popular Voice
  • 177 replies
  • January 29, 2021

@freydrew Would you be able to answer the question - why isn’t Evasion Shield activated automatically? My engineers have asked the question and I’d love to be able to answer them.


TripleHelix
Moderator
Forum|alt.badge.img+63
  • Moderator
  • 8783 replies
  • January 29, 2021

Hello @tmcmullen  let me ping @coscooper and @dstokes1 to see if they can add some info.

 

Thanks,


GeorgeA
Forum|alt.badge.img+3
  • Retired Webrooter
  • 102 replies
  • January 29, 2021

Why isn’t Evasion Shield activated automatically?

That’s a really valid question and in the fewest possible words - to prevent service disruption.

We are conscious that many of our customers are MSPs and the Script Shield component of Webroot Evasion Shield (and the Foreign Code Shield that we’ll be shipping in Q2) both have the potential to stop valid processes running.

No matter how much we QA test we cannot account for in-house specialist scripts that are benign but act maliciously being ‘accidently’ stopped, creating a false positive.

So rather than ship switched on, we shipped switched off with the first option being to switch to the ‘detect and report’ mode. This way an MSP could go to ‘detect and report’ and deal with any exceptions and then switch the protection on.

We were playing safe to allow for a controlled migration to these powerful new infection prevention and APT defenses.  In hindsight we should maybe have shipped with detect and report as the default! 

No matter it is essential you turn these defenses on as they have powerful infection reduction capabilities that kill attacks earlier and better than before. The FAQs below and links to other Webroot Evasion Shield information is here. It is urgent you switch this on if you haven’t already.

https://community.webroot.com/general-information-102/evasion-shield-faq-342813

 


  • New Member
  • 1 reply
  • January 30, 2021

I have this installed on my PC. Can I also install it on my iPad, if so is there an additional fee?


TripleHelix
Moderator
Forum|alt.badge.img+63
  • Moderator
  • 8783 replies
  • January 30, 2021
bardiva67 wrote:

I have this installed on my PC. Can I also install it on my iPad, if so is there an additional fee?


Hello @bardiva67 

 

Apple doesn’t allow AV’s to be installed on iOS devices like iPhones and iPads but Webroot does have a version for Android devices.

 

Thanks,


TripleHelix
Moderator
Forum|alt.badge.img+63
  • Moderator
  • 8783 replies
  • January 30, 2021

Hello again @bardiva67 looking here Webroot has some protection but not an AV: https://apps.apple.com/ca/app/webroot-mobile-security/id460986853#?platform=ipad

 

And it says it’s Free!


Forum|alt.badge.img+1
  • Community Guide
  • 80 replies
  • March 1, 2021

It’s important to note that the protection rating for Webroot is 87% in that report.

To place that into perspective, Windows Defender which has a protection rating of 99%

I do wish that Webroot was allowed to run as an extra layer of security to Defender, that’s how it was once sold a few years ago, instead of trying to replace Defender. As well as offering an effective second layer to people like me, I believe it would also increase your sales to a new audience.

(I’ll ignore any replies that claim it can be run in parallel with WD by tweaking the registry)


  • New Voice
  • 8 replies
  • March 5, 2021
Cavehomme wrote:

I do wish that Webroot was allowed to run as an extra layer of security to Defender,

I find on domain joined computers, it does not turn of Windows Defender AV.  I wish it did give an option to keep or disable.  But then, not much has really been done with this app for many years.  Now some lame script blocker so Google Chrome can’t update or install itsself in userAPPland?


  • New Member
  • 2 replies
  • March 5, 2021

I agree an option to turn off the monitoring in security centre would be great! You get the best of both worlds with central management.


  • New Voice
  • 8 replies
  • March 7, 2021

Can you provide some documentation on what to watch out for (Gotcha’s!) that could be of concern to business installations?  For example, will apps like Chrome and Google still be able to update via appdata installations?

Also, what about Powershell scripts?  For example we have a battery of scripts we can throw at misbehaving computers, like  stop the printer queue service, clear the /spool/printers folder and restart the printer queue service.  

Will all of these types of scripts that run as logged in user, and some as admin user stop working unless they are added as an exception?


  • OpenText Employee
  • 1 reply
  • March 24, 2021
tmcmullen wrote:

@freydrew Would you be able to answer the question - why isn’t Evasion Shield activated automatically? My engineers have asked the question and I’d love to be able to answer them.

Evasion Shield must be turned on manually - please contact your Solutions Consultant for more information.


  • New Voice
  • 8 replies
  • March 26, 2021
Rickkee wrote:

Can you provide some documentation on what to watch out for (Gotcha’s!) that could be of concern to business installations?  For example, will apps like Chrome and Google still be able to update via appdata installations?

Also, what about Powershell scripts?  For example we have a battery of scripts we can throw at misbehaving computers, like  stop the printer queue service, clear the /spool/printers folder and restart the printer queue service.  

Will all of these types of scripts that run as logged in user, and some as admin user stop working unless they are added as an exception?

 


GeorgeA
Forum|alt.badge.img+3
  • Retired Webrooter
  • 102 replies
  • March 26, 2021

Hi Rickee,

There are no gotchas. The Script Protection Shield is very sophisticated (and patented) and is designed not to block Scripts that are typical, yet unique to each business environment, and it is unlikely to cause any FP (false positive) reports. 

We’re very targeted in what we’re looking for and so benign behaviors fall out of scope.

However, even with extensive Q&A testing we cannot offer a 100% guarantee not to create an FP if a Script has what appears to be malicious behavior.

For that reason we shipped as the default as off, and then gave administrators the ability to turn it on in detect and report mode so as they were able to identify and assess the impact of a new layer of security before fully enabling it.

This is really no different from a silent deployment of an endpoint solution to evaluate what ‘would’ happen if it were active.


Forum|alt.badge.img+48
  • Author
  • Retired Webrooter
  • 1550 replies
  • June 2, 2021

Thanks so much @niyazahamed! We’re really proud of it. 


MajorHavoc
Bronze VIP
Forum|alt.badge.img+25
  • Bronze VIP
  • 1262 replies
  • October 28, 2021
TripleHelix wrote:

SE Labs Small Business Endpoint Protection Oct-Dec 2020.

 

Right here: https://selabs.uk/wp-content/uploads/2020/12/oct-dec-2020-smb.pdf

 

 

Thank you for that link. It was a good read and some new ideas for me. 


MunkeyMan
New Voice
Forum|alt.badge.img+4
  • New Voice
  • 304 replies
  • April 5, 2022
TripleHelix wrote:

Hello again @bardiva67 looking here Webroot has some protection but not an AV: https://apps.apple.com/ca/app/webroot-mobile-security/id460986853#?platform=ipad

 

And it says it’s Free!

Brilliant!


tmcmullen
Popular Voice
Forum|alt.badge.img+6
  • Popular Voice
  • 177 replies
  • October 25, 2022

In response to the earlier Evasion Shield question, I wonder if MSPs can use it at all. If it has a hard time with automated processes run by MSPs, can a MSP “whitelist” those processes so that Webroot will ignore them? If so, can it be done on a global level for all clients?


Martin.1
Popular Voice
Forum|alt.badge.img+4
  • Popular Voice
  • 424 replies
  • October 25, 2022

@tmcmullen Yes you can most definitely create global overrides and “whitelists” 

 

 


Jamesharris85
New Voice
Forum|alt.badge.img+4

Congratulations this is excellent news and well deserved I'm sure


TripleHelix
Moderator
Forum|alt.badge.img+63
  • Moderator
  • 8783 replies
  • December 4, 2023
Jamesharris85 wrote:

Congratulations this is excellent news and well deserved I'm sure

Hey this is a two + year old thread.


TripleHelix
Moderator
Forum|alt.badge.img+63
  • Moderator
  • 8783 replies
  • December 5, 2023

Thread Closed as it is almost a 3 year old thread!

 

Newest thread posted here: