Test: endpoint security with some weak results


The AV-Comparatives laboratory tested and evaluated 17 enterprise endpoint solutions. When tested with 0-day malware, only 4 products were able to reach the 100 percent mark. Only 3 products did so when tested against known malware.

The independent ISO-certified security software evaluation laboratory AV-Comparatives has released the latest test results from its Business Main-Test Series, which evaluates a range of antivirus products in corporate environments. The published factsheet contains results from the ongoing Enterprise Main-Test Series, which includes real-world protection and malware protection tests for August and September 2022.

Result of the live test with 316 malware samples. Info: "Compromised" was wrongly translated as "compromise" (Image: AVC).

17 corporate solutions tested

In business environments, it is common for endpoint products to be configured by the system administrator according to vendor manuals. For the Enterprise Main-Test Series, AV-Comparatives invited all vendors to configure their respective products for an enterprise-oriented environment. The applied settings are then used for all enterprise tests throughout the year. AV-Comparatives has listed all relevant deviations from the standard settings.

The following products have been tested (at the time of testing with the currently available version) on Windows 10 64-bit systems:

  • Acronis Cyber Protect Cloud with Advanced Security Pack
  • Avast Ultimate Business Security
  • Bitdefender GravityZone Elite
  • Cisco Secure Endpoint Essentials
  • CrowdStrike Falcon Pro
  • Cybereason Enterprise
  • Elastic Security
  • ESET PROTECT Entry with ESET PROTECT Cloud
  • G Data Endpoint Protection Business
  • K7 On-Premises Enterprise Security Advanced
  • Kaspersky Endpoint Security for Business Select with KSC
  • Malwarebytes EDR
  • Microsoft Defender Antivirus with Microsoft Endpoint Manager
  • Sophos Intercept X Advanced
  • Trellix FireEye Endpoint Security
  • VIPRE Endpoint Protection Cloud
  • WatchGuard Endpoint Protection Plus on Aether

Real world test with 316 live cases

The Real-World Protection Test results published by AV-Comparatives are based on 316 live full-chain attack test cases, including working exploits and URLs pointing directly to malware. The test cases used cover a wide range of current malicious websites and underline the protection quality of different products. This AV Test by AV-Comparatives provides in-depth insights into the capabilities of 18 popular enterprise security products.

Only 3 products managed to recognize all 1,005 samples (Image: AVC).

Detection of 1,005 samples at the endpoint

In addition to detection rates, the test also examines a product's ability to prevent a malicious program from making changes to the system. The test set used for this test consisted of 1,005 malware samples. To ensure that the tested programs do not protect the system at the expense of high false alarm rates, a false positive test is also carried out in the Malware Protection Test. The results of the false alarm test are also included in the fact sheet.

More at AV-Comparatives.org

 


About AV-Comparatives

AV-Comparatives is an independent AV test laboratory based in Innsbruck, Austria, and has been publicly testing computer security software since 2004. It is certified according to ISO 9001:2015 for the area of "Independent tests of anti-virus software". It also has EICAR certification as a "Trusted IT Security Testing Lab".


 
