ESET

;1987–1992

The product NOD was launched in Czechoslovakia when the country was part of the Soviet Union's sphere of influence. Under the communist regime, private entrepreneurship was banned. It wasn't until 1992 when Miroslav Trnka and Peter Paško, together with Rudolf Hrubý, established ESET as a privately owned limited liability company in the former Czechoslovakia. In parallel with NOD, the company also started developing Perspekt.{{Cite web |date=2016-06-18 |title=Made in Slovakia: ESET |url=https://www.nextech.sk//a/Made-in-Slovakia--ESET |access-date=2022-08-16 |website=IT News |language=sk}} They adopted the name ESET, from the Czech name of Isis, the Egyptian goddess of health, marriage and love, as the company name.

;2003–2017

In 2013, ESET launched WeLiveSecurity,{{Cite web |title=WeLiveSecurity |url=https://www.welivesecurity.com/ |access-date=2022-08-16 |website=WeLiveSecurity |language=en-US}} a blog site dedicated to a vast spectrum of security-related topics.

December 2017 marked the 30th anniversary of the company's first security product. To mark its accomplishments, the company released a short documentary{{Cite AV media |title=Prvních 30 let #ESET - film |via=YouTube |url=https://www.youtube.com/watch?v=dhDVo6JySCA |language=en |access-date=2022-08-16}} describing the company's evolution from the perspective of founders Miroslav Trnka and Peter Paško. In the same year, the company partnered with Google to integrate its technology into Chrome Cleanup.{{Cite web |date=2017-10-16 |title=A cleaner, safer web with Chrome Cleanup |url=https://blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/ |access-date=2022-08-16 |website=Google |language=en-us}}

;2018–present

In December 2018, ESET partnered with No More Ransom,{{Cite web |title=No More Ransom, a global anti-ransomware initiative, announces ESET as new partner |url=https://www.eset.com/int/about/newsroom/press-releases/announcements/no-more-ransom-a-global-anti-ransomware-initiative-announces-eset-as-new-partner/ |access-date=2022-08-16 |website=ESET |language=en |archive-date=16 August 2022 |archive-url=https://web.archive.org/web/20220816115314/https://www.eset.com/int/about/newsroom/press-releases/announcements/no-more-ransom-a-global-anti-ransomware-initiative-announces-eset-as-new-partner/ |url-status=dead }} a global initiative that provides victims of ransomware decryption keys, thus removing the pressure to pay attackers. The initiative is supported by Interpol and has been joined by various national police forces.{{Cite web |last=Sedlák |first=Jan |title=Česká policie se zapojuje do boje proti ransomwaru a vydává rady |url=https://www.lupa.cz/aktuality/ceska-policie-se-zapojuje-do-boje-proti-ransomwaru-a-vydava-rady/ |access-date=2022-08-16 |website=Lupa.cz |language=cs}} ESET has developed technologies to address the threat of ransomware and has produced papers{{Cite web |title=RANSOMWARE: an enterprise perspective |url=https://www.welivesecurity.com/wp-content/uploads/2018/10/ESET_Ransomware_Enterprise.pdf}}{{Cite web |title=ANSOMWARE: A look at the criminal art of malicious code, pressure, and manipulation |url=https://www.welivesecurity.com/wp-content/uploads/2021/08/ransomware_paper.pdf}} documenting its evolution.

ESET became a founding member of Google's App Defense Alliance.{{Cite web |title=App Defense Alliance |url=https://appdefensealliance.dev/ |access-date=2022-08-16 |website=App Defense Alliance |language=en}}{{Cite web |title=The App Defense Alliance: Bringing the security industry together to fight bad apps |url=https://security.googleblog.com/2019/11/the-app-defense-alliance-bringing.html |access-date=2022-08-16 |website=Google Online Security Blog |language=en}}

ESET provides security products for home and business users. Its products cover all the main operating systems across server, cloud, and mobile deployments.{{Citation needed|date=April 2023}}

ESET's first product was NOD, an antivirus program for computers running the MS-DOS operating system. NOD32 1.0 for Microsoft Windows was released in 1998 and version 2.0 in 2003. A third version, ESET NOD32 Antivirus, followed in 2007 along with ESET Smart Security 3, which added antispam and firewall modules.{{Citation needed|date=April 2023}}

ESET NOD32 Antivirus and additional related products with a wider suite of security functions, including ESET Smart Security Premium and ESET Internet Security,{{Cite web |title=Test antivirus software ESET |url=https://www.av-test.org/en/antivirus/home-windows/manufacturer/eset/ |access-date=2022-08-16 |website=av-test.org |language=en-US}} are upgraded and released on an annual basis.{{Cite web |title=Protecting consumers at every level with enhanced protection for Windows |url=https://www.eset.com/gr-en/about/newsroom/press-releases/protecting-consumers-at-every-level-with-enhanced-protection-for-windows-4/ |access-date=2022-08-16 |website=eset.com |language=en-GR}} In 2010, ESET released products for macOS, with a business version now called ESET Endpoint Antivirus{{Cite web |title=ESET launches ESET NOD32 Antivirus 4 Business Edition for Mac |url=https://www.eset.com/int/about/newsroom/press-releases/announcements/press-2010-eset-launches-mac-4-business-edition/ |access-date=2022-08-16 |website=eset.com |language=en}} and a home version called ESET Cyber Security.

ESET also offers products for Android devices. The first version of ESET Mobile Security was announced in 2012.{{Cite web |date=2012-05-02 |title=ESET Goes Google Play with ESET Mobile Security for Android Smartphones and Tablets |url=https://www.businesswire.com/news/home/20120502005588/en/ESET-Goes-Google-Play-with-ESET-Mobile-Security-for-Android-Smartphones-and-Tablets |access-date=2022-08-16 |website=businesswire.com |language=en}} The product offers malware protection and a call filter, an adware detector, payment protection, and theft protection (such as SIM card locking and total data wipes). In 2015, ESET introduced ESET Parental Control,{{Cite web |title=Parental Control Review 2017 for Android - ESET |url=https://www.av-comparatives.org/tests/parental-control-review-2017-for-android-eset/ |access-date=2022-08-16 |website=AV-Comparatives |language=en-US}} which allows parents to monitor children's use of Android devices.

ESET Smart TV Security, designed to protect Android TV from malware, phishing, and ransomware, was introduced in 2018 at the Mobile World Congress event in Barcelona.{{Cite web |title=ESET launches ESET Smart TV Security to protect against rising malware threats |url=https://www.eset.com/us/about/newsroom/press-releases/eset-launches-eset-smart-tv-security-to-protect-against-rising-malware-threats/ |access-date=2022-08-16 |website=eset.com |language=en-US}}

The company offers products to protect corporate data, ranging from workstation and server protection with ESET PROTECT Entry{{Cite web |title=ESET PROTECT Entry with ESET PROTECT Cloud |url=https://www.av-comparatives.org/products/protect-entry-with-eset-protect-cloud/ |access-date=2022-08-16 |website=AV-Comparatives |language=en-US}} to endpoint detection and response with ESET Enterprise Inspector.{{Cite web |title=ESET's endpoint detection and response capabilities put to the test in third MITRE Engenuity ATT&CK® Evaluations |url=https://www.eset.com/us/about/newsroom/press-releases/esets-endpoint-detection-and-response-capabilities-put-to-the-test-in-third-mitre-engenuity-attckr-4/ |access-date=2022-08-16 |website=eset.com |language=en-US}}

ESET also offers security products that help companies comply with GDPR requirements. These include ESET Secure Authentication, a two-factor authentication solution introduced in 2015,{{Cite web |title=Secure Authentication |url=https://www.topantivirus.nl/producten/Images/Product-Overview-ESET-Secure-Authentication.pdf}} and ESET Endpoint Encryption, which ESET released in 2017{{Cite web |title=Say Hello to ESET Endpoint Encryption {{!}} ESET |url=https://www.eset.com/gr-en/about/newsroom/press-releases/say-hello-to-eset-endpoint-encryption-1/ |access-date=2022-08-16 |website=eset.com |language=en-GR}} following the integration of DESlock+ products since 2015.{{Cite web |title=ESET Buys Recognized Data Encryption Leader DESlock |url=https://www.eset.com/int/about/newsroom/press-releases/products/eset-buys-recognized-data-encryption-leader-deslock/ |access-date=2022-08-16 |website=eset.com |language=en}} ESET Endpoint Encryption offers file, folder, email, and virtual disk encryption, as well as a desktop shredder for secure file deletion.{{Cite web |title=About ESET Endpoint Encryption {{!}} ESET Endpoint Encryption {{!}} ESET Online Help |url=https://help.eset.com/eee_client/5/en-US/ |access-date=2022-08-16 |website=help.eset.com}}

Along with its individual products and packages, ESET offers services designed mainly for corporations and large companies. These include managed detection and response, premium support, security audits, and incident response.{{Citation needed|date=April 2023}}

ESET has 13 R&D centres globally and is an operator in the field of malicious code detection.{{Cite web |title=Technology Whitepaper |url=https://www.eset.com/fileadmin/ESET/US/docs/about/ESET-Technology-Whitepaper.pdf}} In 1995, ESET introduced heuristic analysis{{Cite web |title=Understanding Heuristics |url=https://www.welivesecurity.com/media_files/white-papers/Understanding_Heuristics.pdf}}{{Cite web |title=Heuristic Analysis — Detecting Unknown Viruses |url=https://www.welivesecurity.com/wp-content/uploads/200x/white-papers/Heuristic_Analysis.pdf}} into its detection engine.

ESET has been using machine learning in its products, starting with neural networks, since 1997. In 2005, ESET incorporated a machine learning-based technology called DNA Detections, which extracts selected features – called genes – from samples. These genes split samples into clean, malicious and potentially unwanted categories. In 2019, ESET released an Advanced Machine Learning detection layer that can analyze samples locally on endpoints even when offline.{{Cite web |title=ESET ADVANCED MACHINE LEARNING |url=https://www.welivesecurity.com/wp-content/uploads/2019/11/ESET_Advanced_Machine_Learning.pdf}}

In 2011, ESET replaced ThreatSense.NET with ESET LiveGrid^®,{{Cite web |title=ESET LiveGrid® {{!}} ESET Glossary {{!}} ESET Online Help |url=https://help.eset.com/glossary/en-US/technology_livegrid.html |access-date=2022-08-16 |website=help.eset.com}} a cloud-based reputation system that evaluates unknown or suspicious samples submitted anonymously by millions of ESET-protected endpoints from around the world for machine learning analysis on servers in Bratislava.

ESET also uses additional security layers including Botnet Protection,{{Cite web |title=ESET LiveGrid® {{!}} ESET Glossary {{!}} ESET Online Help |url=https://help.eset.com/glossary/en-US/technology_livegrid.html?technology_botnet_protection.html |access-date=2022-08-16 |website=help.eset.com}} Network Attack Protection,{{Cite web |title=ESET LiveGrid® {{!}} ESET Glossary {{!}} ESET Online Help |url=https://help.eset.com/glossary/en-US/technology_livegrid.html?technology_network_attack_protection.html |access-date=2022-08-16 |website=help.eset.com}} Script-Based Attacks Protection,{{Cite web |title=ESET LiveGrid® {{!}} ESET Glossary {{!}} ESET Online Help |url=https://help.eset.com/glossary/en-US/technology_livegrid.html?technology_sbap.html |access-date=2022-08-16 |website=help.eset.com}} and Brute-Force Attack Protection.{{Cite web |date=2020-06-29 |title=Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game |url=https://www.welivesecurity.com/2020/06/29/remote-access-risk-pandemic-cybercrooks-bruteforcing-game/ |access-date=2022-08-16 |website=WeLiveSecurity |language=en-US}}

In 2017, ESET became the first security company in the world to implement a UEFI Scanner.{{Cite web |title=ESET LiveGrid® {{!}} ESET Glossary {{!}} ESET Online Help |url=https://help.eset.com/glossary/en-US/technology_livegrid.html?technology_uefi.html |access-date=2022-08-16 |website=help.eset.com}} UEFI is a firmware that is loaded into a computer's memory during the startup process. The scanner can identify threats while the computer is booting up, before standard detection modules start running.

ESET dedicates part of its operations to malware research, as well as to the monitoring of advanced persistent threat groups and other cybercriminal groups, with 40% of the company's employees working in research.{{Cite web |last=Revue |first=I. C. T. |date=2019-04-29 |title=ICT Revue |url=https://ictrevue.hn.cz/c3-66562280-0ICT00_d-66562280-eset-uzavrel-partnerstvi-se-spolecnosti-chronicle-ze-skupiny-alphabet |access-date=2022-08-16 |website=ICT Revue |language=cs}}

One of the groups that ESET tracked is Sandworm. After the 2015 attack on the Ukrainian power grid and the global NotPetya ransomware attack in 2017 – both attributed to Sandworm – ESET discovered Sandworm (more specifically, a subgroup that ESET tracks as TeleBots) deploying a new backdoor called Exaramel, which is a version of the main Industroyer backdoor. As Industroyer was used in the 2016 blackout in Ukraine,{{Cite web |title=Industroyer: An in-depth look at the culprit behind Ukraine's power grid blackout |url=https://www.zdnet.com/article/industroyer-an-in-depth-look-at-the-culprit-behind-ukraines-power-grid-blackout/ |access-date=2022-08-16 |website=ZDNet |language=en}} ESET linked Industroyer to NotPetya, as well as to BlackEnergy, which was used in the 2015 blackout.{{Cite magazine |last=Greenberg |first=Andy |title=Here's the Evidence That Links Russia's Most Brazen Cyberattacks |language=en-US |magazine=Wired |url=https://www.wired.com/story/sandworm-russia-cyberattack-links/ |access-date=2022-08-16 |issn=1059-1028}}

At the time of the NotPetya outbreak, ESET and Cisco tracked down the point from which the global ransomware attack had started to companies afflicted with a TeleBots backdoor, resulting from the compromise of M.E.Doc, a popular financial software in Ukraine.{{Cite web |title=M.E.Doc Software Was Backdoored 3 Times, Servers Left Without Updates Since 2013 |url=https://www.bleepingcomputer.com/news/security/m-e-doc-software-was-backdoored-3-times-servers-left-without-updates-since-2013/ |access-date=2022-08-16 |website=BleepingComputer |language=en-us}}

In March 2021, when Microsoft released out-of-band patches to fix the ProxyLogon vulnerability affecting on-premises versions of Microsoft Exchange Server, ESET discovered more than 10 APT groups leveraging the vulnerability to compromise them. ProxyLogon allows an attacker to take over any reachable Exchange server, even without knowing valid account credentials.{{Citation needed|date=April 2023}}

In addition, ESET found that multiple threat actors had access to the details of the vulnerabilities even before the release of the patches. Except for DLTMiner, which is linked to a known cryptomining campaign, all of these threat actors are APT groups interested in espionage: Tick, LuckyMouse, Calypso, Websiic, Winnti Group, Tonto Team, ShadowPad activity, The "Opera" Cobalt Strike, IIS backdoors, Mikroceen, DLTMiner,{{Cite web |title=More hacking groups join Microsoft Exchange attack frenzy |url=https://www.bleepingcomputer.com/news/security/more-hacking-groups-join-microsoft-exchange-attack-frenzy/ |access-date=2022-08-16 |website=BleepingComputer |language=en-us}} and FamousSparrow.{{Cite web |title=Hacking group used ProxyLogon exploits to breach hotels worldwide |url=https://www.bleepingcomputer.com/news/security/hacking-group-used-proxylogon-exploits-to-breach-hotels-worldwide/ |access-date=2022-08-16 |website=BleepingComputer |language=en-us}}

Another focus of ESET's research is on threats to Android devices. ESET discovered the first clipper malware in the Google Play Store called Android/Clipper.C,{{Cite web |last=Goodin |first=Dan |date=2019-02-09 |title=Google Play caught hosting an app that steals users' cryptocurrency |url=https://arstechnica.com/information-technology/2019/02/google-play-caught-hosting-an-app-that-steals-users-cryptocurrency/ |access-date=2022-08-16 |website=Ars Technica |language=en-us}} which can manipulate clipboard content. In the case of a cryptocurrency transaction, a wallet address copied to the clipboard could be quietly switched to one belonging to the attacker.{{Citation needed|date=May 2023}}

In the area of IoT research, ESET discovered the KrØØk vulnerability (CVE-2019-15126) in Broadcom and Cypress Wi-Fi chips, which allows WPA2-encrypted traffic to be encrypted with an all zero session key following a Wi-Fi disassociation.{{Cite web |title=New Kr00k vulnerability lets attackers decrypt WiFi packets |url=https://www.zdnet.com/article/new-kr00k-vulnerability-lets-attackers-decrypt-wifi-packets/ |access-date=2022-08-16 |website=ZDNet |language=en}} Then ESET discovered another KrØØk related vulnerability (CVE-2020-3702) in chips by Qualcomm and MediaTek, as well as in the Microsoft Azure Sphere development kit, with the main difference being that the traffic is not encrypted at all.{{Cite web |title=KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips |url=https://www.bleepingcomputer.com/news/security/kr-k-attack-variants-impact-qualcomm-mediatek-wi-fi-chips/ |access-date=2022-08-16 |website=BleepingComputer |language=en-us}}

Other notable research includes the discovery of LoJax, the first UEFI rootkit found in the wild, which was used in a campaign by the Sednit (aka Fancy Bear) APT group. LoJax is written to a system's SPI flash memory from where it is able to survive an OS reinstall and a hard disk replacement. LoJax can drop and execute malware on disk during the boot process.{{Cite web |last=Dunn |first=John E. |title=Ransomware's Next Nasty Surprise: Pay Up Or We'll Brick Your PC's UEFI Firmware |url=https://www.forbes.com/sites/johndunn/2020/12/18/ransomwares-next-nasty-surprise-pay-up-or-well-brick-your-pcs-uefi-firmware/ |access-date=2022-08-16 |website=Forbes |language=en}} In 2021, ESET discovered another UEFI malware called ESPecter,{{Cite web |date=2021-10-05 |title=UEFI threats moving to the ESP: Introducing ESPecter bootkit |url=https://www.welivesecurity.com/2021/10/05/uefi-threats-moving-esp-introducing-especter-bootkit/ |access-date=2022-08-16 |website=WeLiveSecurity |language=en-US}} which is the second real-world bootkit after FinSpy{{Cite web |title=FinSpy: unseen findings |url=https://securelist.com/finspy-unseen-findings/104322/ |access-date=2022-08-16 |website=securelist.com|date=28 September 2021 }} known to persist on the EFI System Partition in the form of a patched Windows Boot Manager.

In 2021, ESET released the white paper Anatomy of native IIS malware,{{Cite web |title=Anatomy Of Native Iis Malware |url=https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Anatomy-Of-Native-Iis-Malware-wp.pdf }} which analyzed over 80 unique samples of malicious native extensions for Internet Information Services (IIS) web server software used in the wild and categorized these into 14 malware families — 10 of which were previously undocumented.

Among these families, IIS malware demonstrated five main modes of operation:

• IIS backdoors, which can remotely control compromised computers;
• IIS infostealers, which steal information such as login credentials and payment information;
• IIS injectors, which modify HTTP responses sent to legitimate visitors to serve malicious content;
• IIS proxies, which use the compromised server as unwitting parts of the command and control infrastructure for another malware family; and
• SEO fraud IIS malware, which modifies the content served to search engines.

ESET also works alongside experts from competitors and police organizations all over the world to investigate attacks. In 2018, ESET partnered with the European Cybercrime Centre — a specialist Europol team that investigates cybercrime — as a member of its Advisory Group on Internet Security.{{Cite web |last=ESET |title=ESET, the leading endpoint IT security company based in the European Union, is now a member of Europol's Advisory Group on Internet Security [Press release] |url=https://www.eset.com/int/about/newsroom/press-releases/company/european-unions-leading-it-security-company-eset-joins-europols-advisory-group-on-internet-securit-1/ |access-date=18 July 2018}}{{Cite web |title=EC3 Partners |url=https://www.europol.europa.eu/about-europol/european-cybercrime-centre-ec3/ec3-partners |access-date=2022-08-16 |website=Europol |language=en}} ESET partnered with law enforcement agencies worldwide and Microsoft to target the Dorkbot botnet in 2015{{Cite web |title=EUROPOL WORKS WITH INTERNATIONAL PARTNERS TO TARGET DORKBOT BOTNET |url=https://www.europol.europa.eu/media-press/newsroom/news/europol-works-international-partners-to-target-dorkbot-botnet |access-date=2022-08-16 |website=Europol |language=en}} and the Gamarue (aka Andromeda) botnet in 2017.{{Cite web |title=World Police Shut Down Andromeda (Gamarue) Botnet |url=https://www.bleepingcomputer.com/news/security/world-police-shut-down-andromeda-gamarue-botnet/ |access-date=2022-08-16 |website=BleepingComputer |language=en-us}} Then in 2020, ESET partnered with Microsoft, Lumen's Black Lotus Labs, and NTT Ltd. in an attempt to disrupt Trickbot, another botnet.{{Cite web |title=Microsoft and others orchestrate takedown of TrickBot botnet |url=https://www.zdnet.com/article/microsoft-and-other-tech-companies-orchestrate-takedown-of-trickbot-botnet/ |access-date=2022-08-16 |website=ZDNet |language=en}}

{{Portal|Companies}}

• Antivirus software
• Comparison of antivirus software
• Comparison of computer viruses

{{Reflist}}

{{Commons category|ESET}}

• {{Official website}}

{{Antivirus software}}

{{DEFAULTSORT:Eset}}

Category:Software companies of Slovakia

Category:Companies of Slovakia

Category:Computer security software companies

Category:Companies based in Bratislava

Category:Software companies established in 1992

Category:Slovak brands