SE LABS®, the cyber security testing authority, announced today that Broadcom’s Symantec Endpoint Security Complete (SES-C) successfully detected and defended against a wide range of ransomware attacks in the largest known public test of its kind. The attacks included attempts to compromise target systems using techniques deployed by 15 different ransomware groups and featured 556 ransomware payload files, with both known and unknown variants. The result earned the product a top AAA rating from SE Labs. The complete test results were published today in a new report, “Advanced Security Test Symantec Endpoint Security Complete.”
“Today’s ransomware attacks are much more targeted and persistent. They are aimed at large organisations that can pay ransoms in the millions of dollars,” says Simon Edwards, CEO of SE Labs. “With so much at stake, Symantec Endpoint Security Complete is to be applauded for its extraordinary performance in one of our most demanding tests. This test uses the same tactics and techniques as those used against ransomware victims in recent months.”
Ransomware Solutions Testing
SE Labs assesses how well a product performs against the threat of ransomware by using both Direct Attacks and Deep Attacks in its testing. Direct Attacks consist of a relatively short attack chain that pits the product against a wide distribution of malware. Deep Attacks show a product’s ability to track the movement of an attacker, including laterally, throughout the entire attack chain.
SE Labs tests this by mimicking how attackers breach large organisations: it runs full, advanced attacks against the target systems and installs malware at the end of each attack. In this part of the test, SE Labs disables the product’s protection features and relies on its detection mode. The results show how incident response teams can use the product to gain visibility on ransomware attacks.
Broadcom’s Symantec Endpoint Security Complete generated alerts for all of the attack stages. This demonstrates that the product not only detected the ransomware in every case but also had thorough insight into the entire process of how the network was hacked. This level of visibility would be a significant advantage for a security professional who is battling a persistent attacker in real time.
“Ransomware groups are highly motivated and, in many cases, highly funded and persistent. Based on our catalogue of more than 500,000 real-world attack chains, we have a deep understanding of the attackers’ TTPs (techniques, tactics and procedures) and use this intelligence to inform how we build our highly effective defence solutions. SE Labs is known for its rigorous testing, so achieving a 100% accuracy rating in both detection and protection in this highly realistic ransomware test reinforces our position that Symantec Endpoint Security Complete delivers the most comprehensive and integrated endpoint security in the market today,” says Adam Bromwich, Vice President, Engineering, Enterprise Security Group, Broadcom.
Broadcom’s Symantec Endpoint Security Complete achieved an Accuracy Rating of 100% for both Detection and Protection and was awarded a top AAA Rating for Advanced Security EDR Protection.