
A Perfect AV-Comparatives Detection score: What does it mean?

With an ever-changing cybersecurity industry and a growing number of security solutions, it becomes harder and harder for an organization to decide which solution should protect its digital assets. As it is nearly impossible, or at least impractical, for a security buyer to test all the security solutions, industry tests are a critical benchmark that helps organizations decide.

On the 16th of December, AV-Comparatives, an independent organization that tests anti-virus software, released the latest revision of its “Business Security Test” and a brand new “Enhanced Real-World Test, Advanced Threat Protection”.


What is AV-Comparatives testing and how should the results be read?

As noted in the introduction of Business Security Test, the test series consists of three main parts:

  • The Real-World Protection Test evaluates the capacity of endpoint security software to protect the device against malware attacks that a typical business user might encounter when surfing the Internet.
  • The Malware Protection Test considers a scenario in which the malware pre-exists on the disk or enters the test system via e.g. the local area network or removable device, rather than directly from the Internet.
  • The Performance Test looks at the impact each product has on the system’s performance, i.e. how much it slows down normal use of the PC while performing certain tasks.

In addition to each of the protection tests, AV-Comparatives also conducts a false-positives test, to check whether any products falsely identify legitimate software as harmful.

The new Enhanced Real-World Test complements the Business Main-Test Series and is designed to evaluate the ability of the products to detect and block sophisticated attacks such as file-less threats and exploits. Larger organizations in particular are frequently targeted by such attacks and AV-Comparatives built this test as it was often requested by industry analysts and CISOs.

Enhanced Real-World Test vs MITRE Test

Worth noting is the difference in methodology between AV-Comparatives' Enhanced Real-World Test and another recent industry test, the MITRE test. The goal of the MITRE test is to evaluate the product’s ability to detect the attack and extract as much data about it as possible, so vendors set the products to “log only” mode to allow the logging of the entire attack execution. The Enhanced Real-World Test, by contrast, aims to determine how well a security solution protects the system during everyday use.

The key question is whether the product protects the system against the attack; which protection component blocks the attack, and at which stage it is stopped, is less important. The tests use a range of techniques and resources, mimicking malware used in the real world. Some examples are popular scripting languages (JavaScript, batch files, PowerShell, Visual Basic scripts, etc.) featuring both staged and non-staged execution, obfuscation and/or encryption of malicious code, or execution under stolen valid accounts. For a full description of the test cases, visit: www.av-comparatives.org

Bitdefender scores 100% on both Real-World and Enhanced Real-World tests

Continuing a long tradition of top detection capabilities for both common and advanced threats, Bitdefender delivered a perfect score on both the Real-World and Enhanced Real-World tests (100% detections). This result clearly shows the ability of GravityZone to effectively protect systems in all scenarios relevant for daily business usage. It also proves that the layered security approach employed by Bitdefender outperforms other approaches in the industry, like heavy reliance on EDR components.

For more information on GravityZone Elite (the Bitdefender security solution included in the tests), please visit: www.bitdefender.com/elite. To review the full test results, visit: www.av-comparatives.com


*** This is a Security Bloggers Network syndicated blog from Business Insights In Virtualization and Cloud Security authored by Bogdan Carlescu. Read the original post at: http://feedproxy.google.com/~r/BusinessInsightsInVirtualizationAndCloudSecurity/~3/0hTvIUEXIXc/a-perfect-av-comparatives-detection-score-what-does-it-mean