Next-gen testing for next-gen security products

Bad guys help SE Labs keep its testing up to date.

For the first time in our endpoint protection tests we’ve seen a strong overall performance from both well-established anti-malware brands and newer entrants to the market.

Vendors such as FireEye and Crowdstrike are well-known and respected brands in the security world, but they are relatively new compared to Symantec, McAfee and even Microsoft. Microsoft has not promoted its anti-malware software until quite recently.

It is reassuring to see that behind some of the aggressive marketing campaigns from the last few years there has been truly effective innovation.

Next-gen testing for next-gen security products

Over time SE Labs has tested so-called ‘next-generation’ products from companies such as SentinelOne, FireEye, Crowdstrike and Sophos. Other, vendors may not have released products that appeared to be ‘new’ but most continually develop their products. Even if they don’t rename them.

Microsoft Defender, for example, has come on in leaps and bounds, in terms of protection performance. Arguably today’s version of Defender is as much a ‘next-gen’ product as anything new coming out of Silicon Valley.

Testing with integrity

The reason that we’re trusted by these vendors to test their products is because our testing is also ‘next-gen’. This means that we’re continually innovating and ensuring that the tests we run are:

• accurate
• relevant and
• transparent
  
  

We do this by closely monitoring the highest quality threat intelligence. We only use the most important threats available that affect victims over the same time period as we test. In some cases the bad guys actually help us out! They send (attack) our lab with the same malware that they use against potential victims.

The Emotet malware campaign that ran in July of this year was a notable example.

To maintain transparency we explain in detail how we run each test in each report. We publish detailed methodologies on our website. And we run all of our public tests according to the AMTSO Testing Protocol Standard.

(To find out if these reports comply with the AMTSO Standard check AMTSO’s dedicated page.)

The top-grade results and analysis in this report come to you courtesy of the
hard work and diligence of our in-house hacker testers. And the ‘cooperation’ of criminals on the internet attacking us!