Vendor: Sophos
Can Your SMB Endpoint Protection Stop Real Hackers?
In the small business security space, bold claims are everywhere. Most vendors say their endpoint protection stops ransomware, blocks phishing, and detects advanced threats. But when the stakes are high, how many tools can actually deliver? Will your SMB endpoint protection stop real hackers?
Loading…
Reload document 
Open in new tab 
To find out, we test like hackers
At SE Labs, we don’t rely on vendor claims. We Test Like Hackers.
That means replicating real-world attacks using threat intelligence and offensive tools. We create phishing emails, customise exploits, build backdoors and more. We don’t cut corners. We mimic genuine adversaries to see how well products perform under realistic, high-pressure conditions.
SMB Endpoint Protection Stop Real Hackers?
Why do we go to all this trouble? Because businesses need answers grounded in reality, not synthetic benchmarks or scripted demos. We copy the bad guys to discover the truth.
In this comparative report, we put leading endpoint products through rigorous testing. Each product faced the same attack scenarios, allowing us to observe how early they detected threats, whether they blocked them effectively, and how well they protected the system overall.
Which solutions to trust?
If your organisation depends on endpoint security to protect sensitive data, this report will show you which solutions are worth your trust, and which ones may leave you exposed.
We should be able to rely confidently on the security products that everyone tells us we need. The endpoint protection products in this report have undergone the most strenuous testing available, and they’ve come out well. They’ll provide you with strong protection while you use your computer to do something useful, fun or both.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
Can Your Anti-Virus Really Stop a Hacker?
Most anti-virus software claims an ability to block viruses, stop ransomware and protect your personal information. But when a real hacker comes knocking, will it actually work?
At SE Labs, we find out by doing something different.
Loading…
To find out, we test like hackers
We Test Like Hackers. That means we copy real cyber attacks to see how anti-virus programs perform in the real world. We send fake, tricky emails, run ransomware on real Windows systems and try to sneak in through the digital back door, just like the bad guys do.
Don’t just trust the label.
Why? Because the best way to know if your anti-virus works is to test it the same way criminals would.
In this report, we show you how popular security programs for home users handled realistic attacks.
If you’re relying on your anti-virus to protect your online banking, photos, passwords and other personal files, it’s worth knowing if it’s up to the job.
Don’t just trust the label. See how these tools perform when it actually counts.
Which solutions to trust?
If your organisation depends on endpoint security to protect sensitive data, this report will show you which solutions are worth your trust, and which ones may leave you exposed.
We should be able to rely confidently on the security products that everyone tells us we need. The endpoint protection products in this report have undergone the most strenuous testing available, and they’ve come out well. They’ll provide you with strong protection while you use your computer to do something useful, fun or both.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
All reports
01/2025 - 03/2025
Security Evaluation Test Report: Enterprise Endpoint Security (Protection)
Can Your Endpoint Protection Stop a Real Hacker?
In the enterprise security space, bold claims are everywhere. Most vendors say their endpoint protection stops ransomware, blocks phishing, and detects advanced threats. But when the stakes are high, how many tools can actually deliver? Will your endpoint protection stop a real hacker?
Loading…
To find out, we test like hackers
At SE Labs, we don’t rely on vendor claims. We Test Like Hackers.
That means replicating real-world attacks using threat intelligence and offensive tools. We create phishing emails, customise exploits, build backdoors and more. We don’t cut corners. We mimic genuine adversaries to see how well products perform under realistic, high-pressure conditions.
Endpoint Protection Stop a Real Hacker?
Why do we go to all this trouble? Because businesses need answers grounded in reality, not synthetic benchmarks or scripted demos. We copy the bad guys to discover the truth.
In this comparative report, we put leading endpoint products through rigorous testing. Each product faced the same attack scenarios, allowing us to observe how early they detected threats, whether they blocked them effectively, and how well they protected the system overall.
Which solutions to trust?
If your organisation depends on endpoint security to protect sensitive data, this report will show you which solutions are worth your trust, and which ones may leave you exposed.
We should be able to rely confidently on the security products that everyone tells us we need. The endpoint protection products in this report have undergone the most strenuous testing available, and they’ve come out well. They’ll provide you with strong protection while you use your computer to do something useful, fun or both.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
Holding Cyber Security to Account
It’s a phrase I hate: People are the weakest link in cyber security. Technology is supposed to serve humans, not the other way around. When we use computers in our personal and business lives, we have certain goals. Entertainment. Making money. Administering our energy bills, car insurance and any number of other important tasks. But our goals are probably not ‘security’.
Loading…
You are not the weakest link
We should be able to rely confidently on the security products that everyone tells us we need. The endpoint protection products in this report have undergone the most strenuous testing available, and they’ve come out well. They’ll provide you with strong protection while you use your computer to do something useful, fun or both.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
Holding Cyber Security to Account
It’s a phrase I hate: People are the weakest link in cyber security. Technology is supposed to serve humans, not the other way around. When we use computers in our personal and business lives, we have certain goals. Entertainment. Making money. Administering our energy bills, car insurance and any number of other important tasks. But our goals are probably not ‘security’.
Loading…
You are not the weakest link
We should be able to rely confidently on the security products that everyone tells us we need. The endpoint protection products in this report have undergone the most strenuous testing available, and they’ve come out well. They’ll provide you with strong protection while you use your computer to do something useful, fun or both.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
Holding Cyber Security to Account
It’s a phrase I hate: People are the weakest link in cyber security. Technology is supposed to serve humans, not the other way around. When we use computers in our personal and business lives, we have certain goals. Entertainment. Making money. Administering our energy bills, car insurance and any number of other important tasks. But our goals are probably not ‘security’.
Loading…
You are not the weakest link
We should be able to rely confidently on the security products that everyone tells us we need. The endpoint protection products in this report have undergone the most strenuous testing available, and they’ve come out well. They’ll provide you with strong protection while you use your computer to do something useful, fun or both.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
Cyber Security Protection has Truly Evolved
Top-tier anti-virus solutions are undeniably ‘next-generation’. This term was introduced nearly a decade ago by newcomers to the industry: a marketing device designed to compete with almost unassailable anti-malware brands.
“Stop using that tired old anti-virus and try the new, improved approach! No more mistakes. No updates. Full protection!” Problem solved. Except in 2024 I don’t think anyone would claim that malware is a thing of the past.
Cyber security protection has evolved and the leading vendors have embraced advanced technologies to stay ahead of increasingly sophisticated threats. Traditional anti-virus relies solely (or mostly) on signature-based detection. That’s not enough to defend against modern-day attacks like ransomware, file-less malware and zero-day exploits.
Loading…
Cyber security protection has evolved
Next-generation anti-virus is now the benchmark for the best security solutions. These systems go far beyond the old-fashioned model of looking for known malware signatures. Instead, they use a combination of machine learning, artificial intelligence and behavioural analysis to monitor how programs and processes behave in real-time.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
Cyber Security Protection has Evolved
Top-tier anti-virus solutions are undeniably ‘next-generation’. This term was introduced nearly a decade ago by newcomers to the industry: a marketing device designed to compete with almost unassailable anti-malware brands.
“Stop using that tired old anti-virus and try the new, improved approach! No more mistakes. No updates. Full protection!” Problem solved. Except in 2024 I don’t think anyone would claim that malware is a thing of the past.
Cyber security protection has evolved and the leading vendors have embraced advanced technologies to stay ahead of increasingly sophisticated threats. Traditional anti-virus relies solely (or mostly) on signature-based detection. That’s not enough to defend against modern-day attacks like ransomware, file-less malware and zero-day exploits.
Loading…
Cyber security protection has evolved
Next-generation anti-virus is now the benchmark for the best security solutions. These systems go far beyond the old-fashioned model of looking for known malware signatures. Instead, they use a combination of machine learning, artificial intelligence and behavioural analysis to monitor how programs and processes behave in real-time.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
Cyber Security Protection has Evolved
Top-tier anti-virus solutions are undeniably ‘next-generation’. This term was introduced nearly a decade ago by newcomers to the industry: a marketing device designed to compete with almost unassailable anti-malware brands.
“Stop using that tired old anti-virus and try the new, improved approach! No more mistakes. No updates. Full protection!” Problem solved. Except in 2024 I don’t think anyone would claim that malware is a thing of the past.
Cyber security protection has evolved and the leading vendors have embraced advanced technologies to stay ahead of increasingly sophisticated threats. Traditional anti-virus relies solely (or mostly) on signature-based detection. That’s not enough to defend against modern-day attacks like ransomware, file-less malware and zero-day exploits.
Loading…
Cyber security protection has evolved
Next-generation anti-virus is now the benchmark for the best security solutions. These systems go far beyond the old-fashioned model of looking for known malware signatures. Instead, they use a combination of machine learning, artificial intelligence and behavioural analysis to monitor how programs and processes behave in real-time.
How we test
We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
Is AI able to protect your computer systems?
And are attackers using it to breach your network? Artificial Intelligence is ruling the stock market and may be on the verge of ruling the world if you believe the business influencers. If AI is as powerful as some say, surely it should be able to protect our computer systems from hackers?
The products in this test almost certainly rely on AI-related technologies to detect and protect against attacks. These technologies have been running in the background for about 20 years. We can argue that not only does anti-virus/ endpoint protection use AI, but it’s been doing so for many years, and certainly before Cylance claimed to be the first.
But I did something sneaky there. I slid in the word ‘-related’. Because when people talk about ChatGPT and other popular ‘AI’ tools, they are usually talking about something else. They are amazed by the utility of Machine Learning (ML) systems, which appear to be able to mimic human thought in a rather magical way.
Loading…
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.
