With an ever-changing cybersecurity industry and a growing number of security solutions, it becomes harder and harder for an organization to decide which solution to choose to protect its digital assets. Because it is nearly impossible, or at least impractical, for a security buyer to test every security solution, industry tests are a critical benchmark that helps organizations decide.
On December 16th, AV-Comparatives, the leading independent testing organization, released its latest revision of the “Business Security Test” and a brand new “Enhanced Real-World Test for Advanced Threat Protection”.
What is AV-Comparatives testing and how should the results be read?
As noted in the introduction of the Business Security Test, the evaluation series consists of three main parts:
- The Real-World Protection Test evaluates the capacity of endpoint security software to protect the device against malware attacks that a typical employee might encounter.
- The Malware Protection Test considers a scenario in which the malware pre-exists on the disk or enters the test system through the local area network or removable device, rather than directly from the Internet.
- The Performance Test looks at the impact each product has on the system’s performance, such as how much it slows down the PC while performing everyday tasks.
In addition to each of the protection tests, AV-Comparatives also conducts a false-positives test to check whether any product falsely identifies legitimate software as harmful.
The new Enhanced Real-World Test complements the Business Security series and is designed to evaluate how security products detect and block sophisticated attacks, such as fileless threats and exploits. Mid-sized and large organizations are particularly targeted, and AV-Comparatives specifically built this test in response to concerns from industry analysts and CISOs.
Enhanced Real-World Test vs MITRE Test
It is interesting to note the different methodology used by AV-Comparatives in the Enhanced Real-World Test compared with another recent industry test: the MITRE framework. The goal of MITRE is to evaluate the product’s ability to detect and extract as much data as possible about the attack. Vendors set the products to “log only” mode to allow mapping of the entire attack chain.
Bitdefender scores 100% on both Real-World and Enhanced Real-World tests
Continuing a long tradition of top detection capabilities both for common and advanced threats, Bitdefender delivered a perfect score on both Real-World and Enhanced Real-World tests (100% detections). This result clearly shows the ability of GravityZone to effectively protect the systems in all scenarios relevant for daily business usage. It also proves that the layered security approach employed by Bitdefender outperforms other approaches in the industry, like heavy reliance on EDR components.