PUBLICATION & RESEARCH LIBRARY

Authors: Randy Abrams and Thomas Skybakmoen

Publish Date: November 9, 2015

The exploitation of software vulnerabilities is one of the most common and effective cyber-attacks that enterprises face today. Commonly known as drive-by exploits, these attacks silently compromise a victim’s computer without the user being aware. Drive-by exploits have become a favored tool of cyber criminals and other threat actors. Endpoint protection (EPP) products must provide robust defenses against these threats. This test was conducted with live (real-time) web-based exploits being used by threat actors in active campaigns identified with the NSS Cyber Advanced Warning System™. In this report, NSS tests 10 EPP products to determine which products offer the best protection against drive-by exploits.

Tested Products:

  • Bitdefender Endpoint Security v5.3
  • ESET Endpoint Antivirus v6.1
  • Fortinet FortiClient v5.2
  • F-Secure Client Security Premium v11.60
  • G Data Endpoint Protection 13.1
  • McAfee VirusScan Enterprise 8.81
  • Kaspersky Endpoint Security v10.2.2
  • Sophos Endpoint Security and Control v10.3
  • Symantec Endpoint Protection v12.1
  • Trend Micro OfficeScan v11.0

NSS Labs’ comparative analysis of endpoint protection is based upon empirical data gathered during testing at the NSS Labs facility in Austin, Texas. Testing was performed in accordance with the Security Stack: Test Methodology v1.5.