11 products receive Recommended Rating; 4 products receive Security Recommended Rating;
1 product receives Neutral rating; and 5 products receive Caution Rating
AUSTIN, Texas – April 17, 2018 – NSS Labs, Inc., a global leader and trusted source for independent, fact-based cybersecurity guidance, today announced the results of its 2018 Advanced Endpoint Protection (AEP 2.0) Group Test. In this year’s test, 20 products from market-leading vendors were examined for security effectiveness and total cost of ownership (TCO).
Industry analysts estimate that 70% of successful breaches originate at the endpoint, and it is predicted that the endpoint security market will reach $17.38 billion by 2020. In 2017, the average cost of a successful endpoint attack was $5 million in downtime, damages, and loss of productivity. Legacy antivirus (AV) and next-generation AV solutions have become increasingly ineffective at protecting endpoints from advanced threats and attacks. Dealing with modern cyberthreats that target endpoints requires a fundamentally different approach. Advanced endpoint protection (AEP) is a disruptive technology that focuses on preventing cybercriminals from ever reaching or executing on the endpoint.
AEP products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware that contains suspicious activities. Additionally, AEP products monitor processes running on endpoints, detect communication with potentially malicious hosts, and conduct audits of file systems and registries. AEP products typically implement automated threat remediation policies and provide containment capabilities to protect the endpoint.
In this second iteration of the NSS Labs AEP Group Test, products were tested against evasions, which have become the latest weapons used by adversaries to circumvent security controls. In addition to evasions, products were also tested against malware delivered through HTTP, email, docs and scripts, offline threats, unknown threats, exploits, and blended threats.
Key findings from the test:
- The Security Effectiveness of verified products ranged between 59.4% and 99.4%, with 10 of the 20 verified products achieving a rating greater than 95%.
- The average Security Effectiveness rating was 88.6%; fifteen of the verified products received an above-average Security Effectiveness rating, and five received a below-average Security Effectiveness rating.
- Nine verified products missed at least one evasion.
- TCO per Protected Agent for verified products ranged between US$146 and US$1,783, with most tested products costing less than US$750 per protected agent.
- The average TCO per Protected Agent (Value) was US$690; twelve products demonstrated value above the average, and nine demonstrated value below the average.
“The 2018 Advanced Endpoint Protection Group Test aims to determine how effective AEP products are at protecting against threats, regardless of infection vector or method of obfuscation,” said Jason Brvenik, Chief Technology Officer at NSS Labs. “In this year’s test, only 75% of the products tested achieved 90% or higher security effectiveness. These findings enable enterprises to understand which AEP products are best suited to their use cases and which will best protect their organizations.”
1IDC “Cybercrime the Credentials Connection” March 2016
2Markets and Markets “Endpoint Security Market Worth $17.38 Billion USD by 2020” November 2015
3Ponemon Institute “2017 State of Endpoint Security Risk” November 2017
The following products were tested:
- Bitdefender GravityZone Elite v18.104.22.1685
- Carbon Black Cb Defense v22.214.171.124
- Cisco AMP for Endpoints v6.0.5
- Comodo Advanced Endpoint Protection v3.18.0
- Cylance CylancePROTECT + OPTICS v2.0.1450
- Endgame Endpoint Security v2.5
- enSilo Endpoint Security Platform v2.7
- ESET Endpoint Protection Standard v6.5.522.0
- FireEye Endpoint Security v4
- Fortinet FortiClient v5.6.2
- G DATA Endpoint Protection Business v126.96.36.199
- Kaspersky Lab Kaspersky Endpoint Security v10
- Malwarebytes Endpoint Protection v188.8.131.52
- McAfee Endpoint Security v10.5
- Palo Alto Networks Traps v4.1
- Panda Security Panda Adaptive Defense 360 v2.4.1
- SentinelOne Endpoint Protection Platform (EPP) v184.108.40.20648
- Sophos Endpoint Protection 10.7.6 VE3.70.2
- Symantec Endpoint Protection and Advanced Threat Protection (ATP) Platform v14.0.3876.1100
- Trend Micro Smart Protection for Endpoints v12.0.1864
NSS Labs is committed to providing empirical data and objective group test results that enable organizations to make educated decisions about purchasing and optimizing security infrastructure products and services. As with all NSS Labs group tests, there is no fee for participation, and the test methodology is available in the public domain to provide transparency and to help enterprises understand the factors behind test results. Click here for more information about our group test policies.
Click here for more information on this test and the test methodology used or to purchase the individual Test Reports. Click here to download the Security Value Map™, which provides a graphic comparison of Security Effectiveness and TCO across the tested products.
- Purchase the NSS Labs 2018 AEP Group Test Reports
- View the 2018 AEP Group Test Methodology
- Register to attend an AEP Group Test briefing session at the RSA Conference
- View the full schedule of NSS Labs sessions and events at the RSA Conference
- Read our white paper titled “Sifting through endpoint security hype and reality”
- Read our blog titled “Buying an AEP Product: What’s Your Use Case?”
- Learn more about NSS Labs’ Security Product Testing
- Learn more about NSS Labs’ Test Policies
- Learn more about NSS Labs’ Cloud Platform for Continuous Security Validation
- Follow NSS Labs on Twitter
- Follow NSS Labs on LinkedIn
- Browse the NSS Labs Research Library