11 products receive Recommended Rating; 4 products receive Security Recommended Rating;
1 product receives Neutral rating; and 5 products receive Caution Rating

AUSTIN, Texas – April 17, 2018 – NSS Labs, a global leader and trusted source for independent, fact-based cybersecurity guidance, today announced the results of its 2018 Advanced Endpoint Protection (AEP 2.0) Group Test. In this year’s test, 20 products from market-leading vendors were examined for security effectiveness and total cost of ownership (TCO).

Industry analysts estimate that 70% of successful breaches originate at the endpoint, and it is predicted that the endpoint security market will reach $17.38 billion by 2020. In 2017, the average cost of a successful endpoint attack was $5 million in downtime, damages, and loss of productivity. Legacy antivirus (AV) and next-generation AV solutions have become increasingly ineffective at protecting endpoints from advanced threats and attacks. Dealing with modern cyberthreats that target endpoints requires a fundamentally different approach. Advanced endpoint protection (AEP) is a disruptive technology that focuses on preventing cybercriminals from ever reaching or executing on the endpoint.

AEP products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware that contains suspicious activities. Additionally, AEP products monitor processes running on endpoints, detect communication with potentially malicious hosts, and conduct audits of file systems and registries. AEP products typically implement automated threat remediation policies and provide containment capabilities to protect the endpoint.

In this second iteration of the NSS Labs AEP Group Test, products were tested against evasions, which have become the latest weapons used by adversaries to circumvent security controls. In addition to evasions, products were also tested against malware delivered through HTTP, email, docs and scripts, offline threats, unknown threats, exploits, and blended threats.

Key findings from the test:

  • The Security Effectiveness of verified products ranged between 59.4% and 99.4%, with 10 of the 20 verified products achieving a rating greater than 95%.
  • The average Security Effectiveness rating was 88.6%; fifteen of the verified products received an above-average Security Effectiveness rating, and five received a below-average Security Effectiveness rating.
  • Nine verified products missed at least one evasion.
  • TCO per Protected Agent for verified products ranged between US$146 and US$1,783, with most tested products costing less than US$750 per protected agent.
  • The average TCO per Protected Agent (Value) was US$690; twelve products demonstrated value above the average, and nine demonstrated value below the average.

“The 2018 Advanced Endpoint Protection Group Test aims to determine how effective AEP products are at protecting against threats, regardless of infection vector or method of obfuscation,” said Jason Brvenik, Chief Technology Officer at NSS Labs. “In this year’s test, only 75% of the products tested achieved 90% or higher security effectiveness. These findings enable enterprises to understand which AEP products are best suited to their use cases and which will best protect their organizations.”

1IDC “Cybercrime the Credentials Connection” March 2016
2Markets and Markets “Endpoint Security Market Worth $17.38 Billion USD by 2020” November 2015
3Ponemon Institute “2017 State of Endpoint Security Risk” November 2017

The following products were tested:

  • Bitdefender GravityZone Elite v6.2.31.985
  • Carbon Black Cb Defense v3.0.2.2
  • Cisco AMP for Endpoints v6.0.5
  • Comodo Advanced Endpoint Protection v3.18.0
  • Cylance CylancePROTECT + OPTICS v2.0.1450
  • Endgame Endpoint Security v2.5
  • enSilo Endpoint Security Platform v2.7
  • ESET Endpoint Protection Standard v6.5.522.0
  • FireEye Endpoint Security v4
  • Fortinet FortiClient v5.6.2
  • G DATA Endpoint Protection Business v14.1.0.67
  • Kaspersky Lab Kaspersky Endpoint Security v10
  • Malwarebytes Endpoint Protection v1.1.1.0
  • McAfee Endpoint Security v10.5
  • Palo Alto Networks Traps v4.1
  • Panda Security Panda Adaptive Defense 360 v2.4.1
  • SentinelOne Endpoint Protection Platform (EPP) v2.0.1.10548
  • Sophos Endpoint Protection 10.7.6 VE3.70.2
  • Symantec Endpoint Protection and Advanced Threat Protection (ATP) Platform v14.0.3876.1100
  • Trend Micro Smart Protection for Endpoints v12.0.1864

NSS Labs is committed to providing empirical data and objective group test results that enable organizations to make educated decisions about purchasing and optimizing security infrastructure products and services. As with all NSS Labs group tests, there is no fee for participation, and the test methodology is available in the public domain to provide transparency and to help enterprises understand the factors behind test results.