Advanced Endpoint Protection (AEP)



11 out of 20 Verified
Products Achieved
Recommended Rating

9 out of 20 Verified
Products Missed at
Least One Evasion

The Security Effectiveness of
Verified Products Ranged
Between 59.4% and 99.4%

Advanced Endpoint Protection (AEP)

What is Advanced Endpoint Protection (AEP)?

Advanced endpoint protection (AEP) products focus on preventing cybercriminals from ever reaching or executing on the endpoint. These products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware and to contain suspicious activities. Additionally, AEP products monitor processes running on endpoints, detect any communication with potentially malicious hosts, and conduct audits of file systems and registries. To enhance the user experience, AEP products typically automate threat remediation policies as well as provide containment capabilities to protect the endpoint.

What We Tested

NSS Labs' Advanced Endpoint Protection (AEP) Group Test evaluates market-leading AEP products on security effectiveness, secure communication, threat event reporting, and total cost of ownership (TCO). The AEP Group Test provides individual Test Reports and Comparative Reports that enable enterprises to make informed decisions to evolve and rationalize their cyber risk programs.

What You Get
AEP Product Test Reports

Security Comparative Report

The Security Comparative Report provides high-level analysis of the security effectiveness of different AEP products in the market. The report provides comparisons of blocking capabilities, detection capabilities, and resistance to common evasion techniques.

Using this report, enterprise security teams can compare security effectiveness and resistance to evasion techniques across different AEP products.

Example Report

Total Cost of Ownership (TCO) Comparative Report

The TCO Comparative Report provides a comparison of the costs associated with product purchase, maintenance, support, and installation, as well as threat-associated costs.

Using the TCO Comparative Report, enterprise C-suite and management can understand the true TCO of a product over a three-year period, incorporating product purchase cost, product operational cost, and the overall capability score of a product.

Example Report

Security Value MapTM (SVM) Comparative Report

Empirical data from individual Test Reports and Comparative Reports is used to create NSS Labs' unique Security Value Map (SVM). The SVM illustrates the relative value of security investment by mapping the Security Effectiveness and the Total Cost of Ownership (TCO) per Protected Agent (Value) of tested product configurations.

The SVM Comparative Report provides an aggregated view of the detailed findings from NSS' group tests. Using this report, enterprise security decision makers can see the relative value of security investments.

Example Report

Individual Test Reports

Test Reports provide detailed analysis for each product tested. Data from these reports is used in NSS' Comparative Reports.

Test Reports enable enterprise security teams to understand the impact of features and limitations across different products. These reports are used to shortlist products for further evaluation and proof-of concept testing.