Corporate Endpoint Protection Group Test Anti-Evasion Q3 2010
The longer the attack can be used without detection, the greater the number of computers that can be owned. This group test report analyzes some of the common methods used by cyber criminals to circumvent or evade detection by antimalware or Endpoint Protection Products (EPP).
Cyber criminals do not just develop one attack and move on. Rather, like any other efficiency-minded white collar worker, they seek to make that software usable for as long as possible. Thus, they utilize evasion techniques in order to circumvent detection by security products. Research indicates that cyber criminals perform their own testing and make strategic use of evasion techniques. These techniques routinely appear in exploit kits, for example.
Understanding which products have coverage for the various evasion techniques is an important indicator of product quality that enterprise IT buyers need to be aware of. Enterprises seeking protection from attacks against desktop PCs should closely examine results from this test.
This test report is the first of its kind, and the results are only available here. All testing was conducted independently and without sponsorship.
Tested Products:
- AVG® Internet Security Business Edition
- ESET Smart Security® Enterprise
- F-Secure® Client Security for Business
- Kaspersky Business Space Security with Internet Security
- McAfee® Total Protection for Endpoint
- Norman® Endpoint Protection
- Panda Internet Security (Enterprise)
- Sophos Endpoint Security and Control
- Symantec™ Endpoint Protection
- Trend Micro™ OfficeScan Plus IDF Plug-in
Endpoint Category
Subscription required
Topics: anti-evasion
Product Type: Endpoint - Anti-Virus
Report Type: Group Test
Report Length: N/A
Vendors Tested: AVG, ESET, F-Secure, Kaspersky, McAfee, Norman, Panda, Sophos, Symantec, Trend Micro
March 8, 2011