A Perfect AV-Comparatives Detection score: What does it mean?

By Bogdan Carlescu on Dec 18, 2019

With an ever-changing cybersecurity industry and a growing number of security solutions, it becomes harder and harder for an organization to decide which solution should protect its digital assets. As it is nearly impossible, or at least impractical, for a security buyer to test all the security solutions, industry tests are a critical benchmark that helps organizations decide.

On December 16th, AV-Comparatives, the leading independent testing organization, released its latest revision of “Business Security Test” and a brand new “Enhanced Real-World Test for Advanced Threat Protection”. 

What is AV-Comparatives testing and how should the results be read?

As noted in the introduction of Business Security Test, the evaluation series consists of three main parts:

  • The Real-World Protection Test evaluates the capacity of endpoint security software to protect the device against malware attacks that a typical employee might encounter.
  • The Malware Protection Test considers a scenario in which the malware pre-exists on the disk or enters the test system through the local area network or removable device, rather than directly from the Internet.
  • The Performance Test looks at the impact each product has on the system’s performance, such as how much it slows down the PC while performing everyday tasks.

In addition to each of the protection tests, AV-Comparatives also conducts a false-positives test, to check whether any product falsely identifies legitimate software as harmful.

The new Enhanced Real-World Test complements the Business Security series and is designed to evaluate how security products detect and block sophisticated attacks, such as fileless threats and exploits. Mid-sized and large organizations are particularly targeted, and AV-Comparatives specifically built this test in response to concerns from industry analysts and CISOs.

Enhanced Real-World Test vs MITRE Test

It is interesting to note the different methodology used by AV-Comparatives in the Enhanced Real-World Test when compared to another recent industry test: the MITRE framework. The goal of MITRE is to evaluate the product’s ability to detect the attack and extract as much data as possible about it. Vendors set the products to “log only” mode to allow mapping of the entire attack chain.

The Enhanced Real-World Test aims to determine how well a security solution protects the system during everyday use. The key question is whether the product protects the system against the attack. What actually blocks the attack, and at which stage, is less important. The tests use a range of techniques and resources, mimicking malware used in the real world. Some examples are popular scripting languages (JavaScript, batch files, PowerShell, Visual Basic scripts, etc.) featuring both staged and non-staged execution, obfuscation and/or encryption of malicious code, or execution under stolen valid accounts. For a full description of the test cases, visit: www.av-comparatives.org

Bitdefender scores 100% on both Real-World and Enhanced Real-World tests

Continuing a long tradition of top detection capabilities both for common and advanced threats, Bitdefender delivered a perfect score on both Real-World and Enhanced Real-World tests (100% detections). This result clearly shows the ability of GravityZone to effectively protect the systems in all scenarios relevant for daily business usage. It also proves that the layered security approach employed by Bitdefender outperforms other approaches in the industry, like heavy reliance on EDR components.

For more information on GravityZone, please visit: www.bitdefender.com/business. To review the full test results, visit: www.av-comparatives.com

Author: Bogdan Carlescu

Acting Cybersecurity Professional and Sr. Product Marketing Manager at Bitdefender, Bogdan has extensive international experience in various roles across IT Industry, including IT Systems Integration, Cybersecurity, Sales Engineering and Product Management. He enjoys combining his engineering background with industry knowledge and business sense to fulfill his professional mission: help businesses grow by leveraging technology.