Like Tree2Likes
  • 2 Post By hackerman1

Thread: VirusBulletin (VB100) : How to read the RAP chart

  1. #1
    hackerman1 is offline Moderator
    Join Date
    Dec 2008

    Default VirusBulletin (VB100) : How to read the RAP chart

    About the test reports from VirusBulletin (VB100):

    Explains how to read the RAP-chart.

    VirusBulletin (VB100), Summary information about RAP testing

    "The unique RAP (Reactive and Proactive) tests measure detection rates, using the freshest samples available at the time products are submitted to the test, as well as samples not seen until after product databases are frozen. This provides a measure of both the vendors' ability to handle newly emerging malware, and their accuracy in detecting previously unknown malware."

    The four-test RAP averages quadrant allows at-a-glance comparison of detection rates by these criteria."

    The RAP tests are run according to the following procedures:

    RAP samples are split into four sets:

    The set known as 'week +1' is gathered in the period from one to seven days after the product submission deadline.
    The 'week -1' set covers the deadline day itself and the six previous days.
    The 'week -2' set includes samples gathered eight to 14 days before the deadline.
    The 'week -3' set consists of samples gathered 15 to 21 days before the deadline.

    For each product entered for a review, we measure detection using our standard on-demand scanning procedure; this uses default product settings and ignores detections labelled as 'suspicious' only.

    Scores used in the per-test RAP quadrants are labelled 'Proactive' (the 'week +1' score), and 'Reactive' (the average of the scores for weeks -1, -2 and -3).
    Scores used in the four-test RAP averages quadrant are the averages of each score over the last four tests.

    In the per-test quadrants, products with false positives in the test in question are marked by striking through the product identifier.

    For the four-test RAP averages quadrant, such scores are excluded when calculating averages."

    Full details of the RAP scheme:

    The X-axis (horizontal) is detection of "new" malware ("0-day"), and the Y-axis (vertical) is detection of "old" (known) malware.

    So a good antimalware-program should be at the upper-right corner....
    Last edited by hackerman1; 26th December 2014 at 15:54.
    HappyAndyK and HappyAndyK like this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Log in

Log in

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22