AV-Comparatives Announcing the New EDR-Detection-Validation Test

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Gandalf_The_Grey

In today’s cybersecurity landscape, endpoint detection and response (EDR) solutions are essential. While traditional security measures focus on prevention, modern threats demand strong detection capabilities. To address this, AV-Comparatives introduces the EDR Detection Validation Test, evaluating the detection effectiveness of enterprise security solutions (EPP, EDR, XDR).

Test Methodology

This test assesses real-world detection performance under APT (Advanced Persistent Threat) scenarios, with all products configured in monitoring mode only (prevention features disabled). Key aspects include:
  • Simulating APT attacks using various Tactics, Techniques, and Procedures (TTPs).
  • Checking for detections via active alerts in the management console or locally.
  • If no immediate alerts appear, applying threat hunting techniques to analyze telemetry data.
  • Using the Empire framework in the initial 2025 phase for execution and evaluation.
  • Providing a detailed report including detection screenshots, whether via alerts or telemetry analysis.

Certification and Reporting

The test follows a certification model:
  • Only products meeting detection criteria will be certified.
  • Certified products will have their reports published to validate their effectiveness.
  • Reports for non-certified products will remain strictly internal.

First Certified Product and Pilot Test

A pilot test conducted in January 2025 successfully certified the first product under this methodology, setting an example for interested vendors.
 
