NSS Labs’ Live Exploit Security Comparative Report focuses on how effectively products block attacks from live, active campaigns. For live testing, NSS employs a unique live test harness, the Cyber Advanced Warning System (CAWS), to measure how well security products protect against “drive-by” exploits that target client applications. (Note: NSS also offers a Security Comparative Report that measures products’ effectiveness against a broad range of exploits and evasions using NSS Labs’ exploit library.) 

The CAWS test harness captures thousands of suspicious URLs per day from threat data generated by NSS and its customers as well as utilizing open-source and commercial threat feeds. This list of URLs is optimized and assigned to victim machines, each of which has a unique combination of operating system (including service pack/patch level), browser, and client application.