WEBVTT

00:00:00.000 --> 00:00:04.800
Remember when Norton, McAfee, and Webroot ruled the world and we were all buying separate

00:00:04.800 --> 00:00:10.160
antivirus security suites for our computers? These days, many of us have forgotten about these

00:00:10.160 --> 00:00:14.240
products and instead just opt for the built-in protection offered by Windows Defender,

00:00:14.240 --> 00:00:21.600
now called Windows Security. Yet paid anti-malware software still exists. So is there any reason to

00:00:21.600 --> 00:00:27.440
actually shell out money for it these days? To answer, let's explore what Windows Security does

00:00:27.440 --> 00:00:32.160
and does not do, and we'd like to give a big thank you to our friends at HP Wolf Security

00:00:32.160 --> 00:00:36.160
for sponsoring this video. So it used to be that the protection built into Windows was

00:00:36.160 --> 00:00:41.600
relatively bare bones, but these days, Windows Security is a fairly comprehensive solution.

00:00:41.600 --> 00:00:45.920
Most tech reviewers have noticed that Windows Security does a pretty good job of detecting,

00:00:45.920 --> 00:00:51.760
stopping, and quarantining the usual viruses and malware, with multiple sites ranking it higher

00:00:51.760 --> 00:00:56.960
than quite a few paid options, both in terms of how many pieces of malicious code it stops,

00:00:56.960 --> 00:01:02.320
as well as having a low number of false positives. Windows Security uses two common strategies to

00:01:02.320 --> 00:01:08.240
accomplish this high success rate. The first is by examining signatures against a database.

00:01:08.240 --> 00:01:12.800
Microsoft publishes definition updates for Windows PCs multiple times a day with signatures for

00:01:12.800 --> 00:01:17.680
newly found malware, and then Windows Security downloads these and compares them to possible

00:01:17.680 --> 00:01:23.440
threats. The second strategy is the use of heuristics, analysis of program behavior without

00:01:23.440 --> 00:01:29.440
using specific definitions or signatures. This way, if a zero-day or undiscovered threat

00:01:29.440 --> 00:01:34.160
makes its way onto your system and behaves suspiciously, Windows Security can block it,

00:01:34.160 --> 00:01:38.880
even if it's never been seen before. This is a pretty powerful one-two punch for most home

00:01:38.880 --> 00:01:44.400
users, but it does still have its limitations. One is that Windows Security tends to rely somewhat

00:01:44.400 --> 00:01:49.360
heavily on being able to connect to Microsoft's servers and access malware data stored in the

00:01:49.360 --> 00:01:54.880
cloud. A recent AV-Comparatives test noted that Windows Security only detected around two-thirds

00:01:54.880 --> 00:02:00.720
of threats when its internet connection was lost, which lagged behind most paid competitors,

00:02:00.720 --> 00:02:06.880
which tend to store more of the resources they need locally. Of course, most of us are online

00:02:06.880 --> 00:02:12.160
consistently these days, but it's something to think about if, say, a piece of malware you've

00:02:12.160 --> 00:02:16.640
unwittingly downloaded decides to act up when you're not connected to the internet, like when

00:02:16.640 --> 00:02:21.360
you're on a plane, for example. More advanced paid software might also be less dependent on a

00:02:21.360 --> 00:02:27.360
signature database and more dependent on cloud AI to more robustly prevent against new and evolving

00:02:27.360 --> 00:02:31.920
threats. Indeed, this has helped some of Windows Defender's competitors who slightly outperform

00:02:31.920 --> 00:02:37.280
it in terms of detection rates. And some paid services do throw in extra features, such as

00:02:37.280 --> 00:02:42.480
including a VPN service, monitoring your home network for vulnerabilities, or providing alerts

00:02:42.480 --> 00:02:47.680
when one of your accounts or passwords is involved in a data breach. But while these might not sound

00:02:47.680 --> 00:02:52.080
like compelling reasons to pay for security software at home, moving away from relying on

00:02:52.080 --> 00:02:57.200
just Windows Security might be a good idea for businesses and organizations who have to secure

00:02:57.200 --> 00:03:02.000
lots of computers at once, and might not be able to ensure their employees are always following

00:03:02.000 --> 00:03:07.440
best practices. This approach is commonly called Endpoint Security, since it involves robustly

00:03:07.520 --> 00:03:12.960
protecting user-facing endpoints, which have historically gotten weaker protection than servers.

00:03:12.960 --> 00:03:17.520
Endpoint Security is being provided by a growing number of companies these days, such as CrowdStrike,

00:03:17.520 --> 00:03:22.800
HP Wolf Security, SentinelOne, FireEye, and even Microsoft. It typically not only includes the

00:03:22.800 --> 00:03:27.600
usual antivirus and anti-malware functions, but advanced features like automatically restoring

00:03:27.600 --> 00:03:32.320
a system's BIOS if it gets attacked, more deeply examining files to detect malicious code,

00:03:32.320 --> 00:03:36.880
sandboxing processes in memory so malware can't spread to other parts of the system,

00:03:36.880 --> 00:03:41.200
keeping the security software running with a hardware controller, even if the operating system

00:03:41.200 --> 00:03:46.560
is compromised, and allowing for easy remote management. So if you have a bunch of computers

00:03:46.560 --> 00:03:51.680
you're trying to keep on lockdown, or if you need extra security for data that you just can't afford

00:03:51.680 --> 00:03:57.440
to lose, it might be worth investing in a security solution you actually pay for. Otherwise, rolling

00:03:57.440 --> 00:04:02.960
with Windows Defender is probably fine. Just be careful what you click on, as nobody legitimate

00:04:02.960 --> 00:04:07.440
is going to offer you tech support through a shady-looking webpage riddled with spelling errors.

00:04:07.440 --> 00:04:11.360
Thanks again to HP Wolf Pro Security for sponsoring today's video. It's an easy-to-use

00:04:11.360 --> 00:04:16.080
endpoint security solution that includes next-gen antivirus with powerful sandboxing, identity

00:04:16.080 --> 00:04:21.280
protection, and a self-healing BIOS in case your system's firmware is hit by an attack.

00:04:21.280 --> 00:04:25.840
HP Wolf Security is pre-installed at the factory. You don't need extra IT resources,

00:04:25.840 --> 00:04:29.840
you don't need aftermarket antivirus, and you don't even need to update your definitions.

00:04:29.840 --> 00:04:33.760
Thanks to the powerful built-in AI, you don't even have to be connected to the internet to

00:04:33.760 --> 00:04:39.040
detect and deal with threats, even ransomware. HP Wolf Pro Security also features a hardware

00:04:39.040 --> 00:04:43.600
endpoint controller on the motherboard itself, which enforces protection. The controller ensures

00:04:43.600 --> 00:04:48.400
your system is secure by keeping antivirus, firewall, and other critical functions running

00:04:48.400 --> 00:04:52.640
properly, even if your operating system is attacked. And it even provides hardware-enforced

00:04:52.640 --> 00:04:57.280
secure web browsing. And if the worst does happen and your data gets corrupted, never fear, because

00:04:57.280 --> 00:05:02.240
HP Wolf Pro Security also provides fast, secure, automated image recovery from anywhere. It's

00:05:02.240 --> 00:05:06.480
great for businesses that need endpoint security or individuals who just need enhanced protection.

00:05:06.480 --> 00:05:12.080
And it comes in your choice of one or three-year licenses, so check it out today at the link in

00:05:12.080 --> 00:05:16.080
the video description. So thanks for watching, guys. If you liked this video, hit like, hit subscribe,

00:05:16.080 --> 00:05:20.080
and hit us up in the comments section with your suggestions for topics that we should cover in

00:05:20.080 --> 00:05:20.720
the future.
