AV-Comparatives - Experts & Thought Leaders
Latest AV-Comparatives news & announcements
AV-Comparatives, the globally recognized authority in independent cybersecurity testing, has released its Enterprise Security Test 2025 (March to June). This is the most extensive public evaluation to date of enterprise endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions. Seventeen high-performing enterprise-grade cybersecurity products were rigorously evaluated using real-world attack simulations and scientifically sound methodologies, offering a comprehensive view of modern endpoint defense capabilities.

Key strengths and capabilities
The report includes individual product descriptions that outline key strengths and capabilities to help IT decision-makers select the most suitable solution based on their organization's size, infrastructure, and security priorities.

Unmatched Scope
This is the largest public comparative test of enterprise EPP, EDR, and XDR solutions globally. Only mature, high-performing products were included. These had already demonstrated consistent reliability and strong protection in previous assessments.

Holistic Analysis
Each product was evaluated across four mission-critical dimensions:
Real-World Protection: Simulates internet-based threats encountered in active business environments.
Malware Protection: Evaluates detection of malicious files introduced via non-web vectors such as USB drives, network shares, or those already present on disk.
False Positive Rates: Measures detection accuracy and the ability to avoid blocking legitimate software.
Performance Impact: Quantifies system load and slowdowns during typical business operations.

To support enterprise IT pioneers, the report includes an extensive feature matrix (page 57) detailing the core and advanced capabilities of each tested solution.
This includes management interfaces, deployment models, threat response tools, and third-party integration support, helping organizations make informed side-by-side comparisons.

All evaluated products represent enterprise-ready solutions that meet modern protection standards. Each product received the AV-Comparatives Approved Enterprise Product Seal, recognizing its proven security effectiveness, operational reliability, and readiness for large-scale deployment.

Fast-evolving threats
Peter Stelzhammer, co-founder of AV-Comparatives, commented: "CISOs and IT leaders face complex, fast-evolving threats. Independent validation is not a luxury – it is essential. This test series provides evidence-based insights into how EPP, EDR, and XDR solutions perform in the field. We apply strict, scientifically grounded methodologies to help enterprises choose wisely."
AV-Comparatives, the globally recognized authority in independent cybersecurity testing, has released its 2024 Endpoint Prevention and Response (EPR) Comparative Report, showcasing the exceptional performance of pioneering cybersecurity solutions. The report evaluates the ability of these products to detect, prevent, and respond to advanced threats in real-world scenarios.

MITRE ATT&CK® framework
AV-Comparatives' rigorous assessment covered products from Bitdefender, Check Point, CrowdStrike, ESET, Kaspersky, Palo Alto Networks, and VIPRE, measuring each against a broad spectrum of complex attack vectors, such as PowerShell Empire, Metasploit Framework, and Commercial Attack Frameworks. The testing utilized the MITRE ATT&CK® framework, ensuring that the results provide invaluable insights for organizations looking to bolster their endpoint security.

AV-Comparatives' EPR Test
Endpoint Protection Products (EPP), Endpoint Detection and Response (EDR), and Extended Detection and Response (XDR) solutions are vital components of enterprise security, providing defenses against targeted threats such as advanced persistent threats (APTs). AV-Comparatives' Endpoint Prevention and Response (EPR) Test is designed to evaluate the effectiveness of these solutions in countering complex, multi-stage attacks that target an organization's entire infrastructure.

Top performers (in alphabetical order)
Bitdefender had strong detection and response capabilities, delivering consistent protection across various threat scenarios.
Check Point demonstrated reliable and comprehensive threat prevention, proving its effectiveness in mitigating complex cyber risks.
CrowdStrike delivered a strong performance, showing reliable threat detection and response capabilities, ensuring minimal disruption to operations.
ESET provided well-rounded defense strategies, particularly effective in handling advanced and emerging threats.
Kaspersky offered a robust set of protection tools, proving reliable in both the detection and prevention of targeted attacks.
Palo Alto Networks delivered a solid performance, reinforcing its capabilities in proactive threat detection and security innovation.
VIPRE delivered efficient protection, providing reliable defense mechanisms at a competitive cost.

These vendors achieved outstanding results by demonstrating their ability to protect against and respond to advanced persistent threats (APTs), ransomware, and other complex cyberattacks. This year's evaluation highlighted their continual evolution in response to the growing complexity of attack tactics, techniques, and procedures (TTPs).

Comprehensive evaluation
The testing spanned several months, from June to August 2024, with products undergoing assessments in multiple phases, from Initial Access and Lateral Movement through to Exfiltration and Impact. Each product was tested in real-world attack scenarios to simulate the high-stakes environments that enterprises face today.

AV-Comparatives emphasized the importance of these evaluations: "As cyberattacks grow more sophisticated, it is critical for organizations to rely on solutions that can offer not only prevention but also rapid and effective response capabilities. Our 2024 EPR report serves as a benchmark for IT professionals and cybersecurity analysts to assess and choose the most effective cybersecurity solutions."

Endpoint security solutions
The difference between AV-Comparatives' EPR Test and MITRE ATT&CK Engenuity
Both the AV-Comparatives EPR Test and MITRE Engenuity have their merits, each providing useful insights into endpoint security solutions.
Understanding the differences between these two tests is essential for IT managers, CISOs, and other tech-savvy professionals looking to select endpoint security solutions that will effectively protect their environments.

Key takeaways for CISOs and cybersecurity analysts
For CISOs and cybersecurity analysts, the 2024 EPR Comparative Report provides a data-driven perspective on the capabilities of pioneering vendors. It offers an in-depth analysis of how each product performs under pressure, which is essential for making informed decisions about endpoint security investments. Given the evolving threat landscape, selecting the right EPR solution can significantly reduce the risk of breaches and improve overall incident response.
AV-Comparatives, a globally recognized independent organization specializing in cybersecurity testing, is pleased to announce the results of its 2024 Advanced Threat Protection (ATP) Test for enterprise cybersecurity solutions. This comprehensive evaluation provides Chief Information Security Officers (CISOs) with critical insights into the efficacy of leading endpoint protection products against sophisticated, targeted cyber threats.

ATP Test
The ATP Test rigorously assesses each product's ability to defend against advanced persistent threats (APTs), which are complex, multi-stage attacks aimed at specific organizations. By simulating real-world attack scenarios, the test offers an objective measure of how well security solutions can prevent breaches that could lead to significant financial and reputational damage.

2024 evaluation products
The 2024 evaluation included the following enterprise security products:
Avast Ultimate Business Security 24.8
Bitdefender GravityZone Business Security Premium 7.9
CrowdStrike Falcon Pro 7.16
ESET PROTECT Entry with ESET PROTECT Cloud 11.1
Kaspersky Endpoint Security for Business – Select, KSC 12.6
NetSecurity ThreatResponder 3.5

ATP Enterprise Certification
Each of these solutions demonstrated robust protection capabilities, successfully blocking a significant number of advanced attacks. Notably, all six products achieved AV-Comparatives' prestigious ATP Enterprise Certification, underscoring their effectiveness in safeguarding enterprise environments against sophisticated threats.

Clear comparison
For CISOs and decision-makers, these results serve as a valuable resource for selecting security solutions that align with their organization's specific needs. The detailed findings offer a clear comparison of each product's strengths, facilitating informed decisions to enhance organizational cybersecurity postures.
AV-Comparatives remains committed to providing transparent, scientifically rigorous evaluations of cybersecurity products. By delivering unbiased assessments, we empower organizations to make informed choices in an ever-evolving threat landscape.

Methodology
AV-Comparatives used five different Initial Access Phases, distributed among the 15 test cases, mapped to the MITRE ATT&CK Matrix (c):
Trusted Relationship: "Adversaries may breach or otherwise leverage organizations who have access to intended victims. Access through trusted third-party relationship exploits an existing connection that may not be protected or receives less scrutiny than standard mechanisms of gaining access to a network."
Valid Accounts: "Adversaries may steal the credentials of a specific user or service account using Credential Access techniques or capture credentials earlier in their reconnaissance process through social engineering […]."
Replication Through Removable Media: "Adversaries may move onto systems […] by copying malware to removable media […] and renaming it to look like a legitimate file to trick users into executing it on a separate system. […]"
Phishing: Spearphishing Attachment: "Spearphishing attachment is […] employs the use of malware attached to an email. […]"
Phishing: Spearphishing Link: "Spearphishing with a link […] employs the use of links to download malware contained in email […]."

Business Security Test August-September 2024 – Factsheet
Read also the latest Business Security Factsheet for August-September 2024, containing the results of the Business Malware Protection Test (September) and Business Real-World Protection Test (August-September). The full report, including the Performance Test and product reviews, will be released in December.
Tested Products:
Avast Ultimate Business Security
Bitdefender GravityZone Business Security Premium
CISCO Secure Endpoint Essentials
CrowdStrike Falcon Pro
Elastic Security
ESET PROTECT Entry with ESET PROTECT Cloud
G Data Endpoint Protection Business
K7 On-Premises Enterprise Security Advanced
Kaspersky Endpoint Security for Business – Select, KSC
Microsoft Defender Antivirus with Microsoft Endpoint Manager
NetSecurity ThreatResponder
Rapid7 InsightIDR
SenseOn Platform with EPP
Sophos Intercept X Advanced
Trellix Endpoint Security (ENS)
VIPRE Endpoint Detection and Response
VMware Carbon Black Cloud Endpoint Standard

Details:
Bitdefender, Sophos, Cisco, and ESET all achieved exceptional scores, with Bitdefender delivering a flawless performance in both the Real-World Protection and Malware Protection tests. Kaspersky, Trellix, VIPRE, and G Data also maintained strong protection rates with no false alarms on critical business software. Avast, CrowdStrike, K7, and Microsoft demonstrated robust security features while maintaining a balance between protection and low system impact. Other top performers include Elastic, NetSecurity, Rapid7, SenseOn, and VMware, all of which delivered competitive results, meeting or exceeding the high standards required for certification.

Zero false positives
Across the board, these products ensured a high level of security for enterprise environments, with zero false positives on common business software. The tests were conducted under real-world conditions to reflect the cybersecurity challenges and demands faced by modern enterprises.

Peter Stelzhammer, co-founder of AV-Comparatives, commented: "Our rigorous testing process highlights the high quality of enterprise security solutions available today. These products offer businesses both the strong protection they need and the performance they demand."