January 31, 2025


Why does Passguard recommend Sophos?

After the media coverage of infostealers by RTL News and AD, we received a lot of questions. A frequently asked question, including on Reddit, was: “Why do you specifically recommend Sophos to combat infostealers?” A fair question, and in this blog post we would like to walk you through our considerations.

No cooperation with Sophos

First, let's clarify an important point: Passguard does not have any cooperation with Sophos. Our recommendation is based purely on independent tests and our own experiences.

Why is it so hard to detect infostealers with antivirus solutions?

Infostealers are a unique challenge for antivirus solutions. Here are the three main reasons:

  1. Continuous change: Infostealers are continuously being modified by malware makers. New versions are released frequently, allowing them to avoid recognition by signature-based antivirus programs.
  2. Unobtrusive behavior: Infostealers perform minimal but highly targeted actions. For example, they only steal login details and cover their tracks as much as possible, making detection difficult.
  3. Advanced techniques: Modern infostealers use techniques such as code injection and memory-based attacks. These methods are difficult to detect with traditional antivirus protection.

This combination of properties makes infostealers a particularly persistent threat. That's why specialized protection is so important.

Why Sophos?

1. Unique benefits

A major advantage of Sophos is that it uses HitmanPro: a specialist malware removal tool that performs well in finding and removing infostealers. In addition, Sophos stands out for its unique Credential Theft Protection technology. This functionality has been specifically developed to prevent credential theft from the device. This offers great added value compared to the generic detection methods that many other antivirus programs offer. Many antivirus programs rely primarily on signature detection — a useful approach against known threats, but less effective against new or ever-changing threats such as infostealers.

2. Supporting test results

Our own findings are confirmed by renowned test labs such as AV-Test and SE Labs. Sophos scored consistently high in the past year.

Sources:

  1. AV-Test: Sophos
  2. SE Labs: Home Endpoint Security

Other popular solutions, such as Microsoft Defender and Malwarebytes, have proven less effective according to both our own and third-party tests.

But... Sophos isn't perfect

Although we recommend Sophos, this product does not offer 100% certainty either. Here are a few points to consider:

  • Bypass options: There are cases where the Credential Theft Protection module has been bypassed. An example of this took place in March 2024 (source).
  • System load: HitmanPro.alert can be more demanding on systems than some competitors, making it less suitable for older devices.
  • Suboptimal detection: Some malware samples were able to start before they were stopped, which is not ideal even though the system remained protected.

A complex challenge

Protection against infostealers is still in its early stages. Sophos currently offers one of the most effective solutions for consumers, but we expect the market to continue to develop. As soon as new, promising products become available, we will certainly include them in our evaluations.

In closing

At Passguard, we understand that there is no single solution that protects everyone from all threats. Our recommendations are designed to help you go one step further in a complex and ever-changing digital world. Do you have questions or want to continue talking about this topic? Let us know — we'd love to hear your feedback!