AV-Comparatives APT Detection Coverage Test 2026

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

According to ChatGPT it is very difficult to know who won the test.
CHATGPT: My honest conclusion

If I had to pick a “conceptual winner”:

👉 The antiviruses with the best detection by behavior (behavioral / heuristics / AI) win
NOT those that depend on signatures.

but if I had to choose it would be
Tier 1 (those that probably win in practice)

Bitdefender

Kaspersky

ESET
 
According to ChatGPT it is very difficult to know who won the test.
CHATGPT: My honest conclusion

If I had to pick a “conceptual winner”:

👉 The antiviruses with the best detection by behavior (behavioral / heuristics / AI) win
NOT those that depend on signatures.

but if I had to choose it would be
Tier 1 (those that probably win in practice)

Bitdefender

Kaspersky

ESET
Gemini said essentially the same thing (it's difficult to know), along with some of, not all, the other information it provided. I didn't post it all, you all know how to do the AI thing :)

Observations on Offline vs. Online Protection

  • Execution-Based Protection (Online/Behavioral): This was the strongest area of performance. When products were able to monitor the behavior of a threat during execution, detection rates were exceptionally high. All tested products achieved a detection rate of over 99% for the original, unmodified APT samples during the execution phase.
  • Static Scanning (Offline/Signature-Based): While effective against known, documented threats, this method showed clear vulnerabilities. The report highlights that when minor binary modifications were made to samples—changing their file hashes without altering their malicious behavior—detection rates for some products declined. This suggests that protection mechanisms relying heavily on static indicators or offline signatures are less resilient against modified variants of known malware.

Winners and Performance

There was no single "winner" in the traditional sense, as the report focused on coverage across a broad dataset rather than a ranked competition. However, the results indicate a high standard across the industry for known threats:
  • Collective Excellence: All 14 products reached the 99% detection threshold for original APT toolsets.
  • Technical Resilience: The products that maintained higher detection rates even when faced with modified variants are positioned as more technically robust, though the report emphasizes that these modifications remain a significant challenge for several engines in the field.

Conclusions of the Review

  • Effectiveness of Consumer Tools: Modern consumer security solutions are generally very effective at protecting against known APT toolsets, proving that these sophisticated threats can be managed by standard high-quality antivirus software.
  • Criticality of Behavioral Detection: The report concludes that behavioral analysis, heuristics, and machine-learning technologies are the most critical components for defending against advanced threats. Static detection alone is insufficient for modern APTs that utilize evasion techniques.
  • Geopolitical Neutrality: One significant finding was the lack of correlation between a vendor’s geographic origin and its ability to detect specific regional APT groups. Detection gaps are primarily technical hurdles rather than a result of geopolitical influence.
  • Need for Evolution: To counter the ongoing evolution of APT techniques, the review stresses that security vendors must continue to improve their ability to generalize detection beyond known file hashes and static indicators.
 
What I find most remarkable about this AV-Comparatives test is that, rather than crowning a single 'winner,' it provides us with a resiliency map.

It is notable that practically all solutions exceeded 99% in detecting original samples; that speaks volumes about the current industry standard. However, I believe the real value of the test emerges when we analyze consistency against modified variants.

This is where we see that engines which have historically been benchmarks for their solidity maintain a very linear performance, while others manage to deliver interesting surprises specifically in the execution phase, compensating with behavioral analysis for what sometimes slips through static scanning.

Ultimately, this thread teaches us that there is no absolute winner, but rather an ecosystem of solutions that excel depending on the scenario (offline vs. online, signatures vs. behavior). The valuable takeaway here isn't the ranking, but understanding how each technology evolves to respond when an attacker attempts to evade traditional defenses.📈 🌐 🛡️
 
What I find most remarkable about this AV-Comparatives test is that, rather than crowning a single 'winner,' it provides us with a resiliency map.

It is notable that practically all solutions exceeded 99% in detecting original samples; that speaks volumes about the current industry standard. However, I believe the real value of the test emerges when we analyze consistency against modified variants.

This is where we see that engines which have historically been benchmarks for their solidity maintain a very linear performance, while others manage to deliver interesting surprises specifically in the execution phase, compensating with behavioral analysis for what sometimes slips through static scanning.

Ultimately, this thread teaches us that there is no absolute winner, but rather an ecosystem of solutions that excel depending on the scenario (offline vs. online, signatures vs. behavior). The valuable takeaway here isn't the ranking, but understanding how each technology evolves to respond when an attacker attempts to evade traditional defenses.📈 🌐 🛡️
Agree, it sounds like it wasn't a competition to declare a winner, as with some of their other tests that we're used to in getting a ranking, winner verdict.
 
All the top competitors should deliver detection roughly in the same neighborhood. While they still provide some valuable insights, antivirus stress tests rarely emulate real-world circumstances of infection that allow software to demonstrate normal preventative measures. Nevertheless, many antiviruses did well here.

It's important to appreciate antiviruses for what they are: intricate systems working on multiple levels to stop infections at multiple stages—for a lot of people.

I think it's at least worth pointing out that ESET has largely bucked the trend of depending on cloud protection. Just look at that offline detection rate. ESET's strength lies in extremely efficient and sophisticated static analysis that can excel in a variety of scenarios, all while keeping real-time protection exceptionally light. Other products in the market are betting big on cloud detection—they offload the heavy lifting to the cloud, and any reasonable degree of protection depends entirely on continuous access to their network.

Keeping reasonably effective threat detection on the local system while preserving performance deserves some respect.
 
Interesting. Very impressed with Microsoft Defender result. Kicking goals with the big boys.
Quick question: If I were to buy an ESET licence, is there any significant benefit in going with Home Security Essential vs. Home Security Premium? (I am only interested in the cloud lookup / detonation feature.)
 
Interesting. Very impressed with Microsoft Defender result. Kicking goals with the big boys.
Quick question: If I were to buy an ESET licence, is there any significant benefit in going with Home Security Essential vs. Home Security Premium? (I am only interested in the cloud lookup / detonation feature.)
Yes, Premium adds LiveGuard to the protection. It submits suspicious samples to the cloud, where they are run in a sandbox and evaluated by their advanced detection engines.
 
Yep, that was the feature I was talking about, but I forgot the name. Does it make a big difference in real life?
I'm sorry but I don't know the answer to this question. I'm not performing any malware tests and also don't know of a test which would test this specific feature (i.e. testing and comparing protection with or without this feature).
 
Yep, that was the feature I was talking about, but I forgot the name. Does it make a big difference in real life?
In my personal experience, not really. I found that I could live without it. In the lower-tier products, you can still take advantage of the LiveGrid reputation system for cloud-based whitelisting and blacklisting. Additionally, after one user in the network has analyzed an unknown file in the LiveGuard sandbox, every other user in the network benefits from the intelligence gathered.

If you want every protection feature possible, LiveGuard is a nice complement to the rest of modules. Premium may only be worth it if you're also interested in the unlimited VPN.
 
In my personal experience, not really. I found that I could live without it. In the lower-tier products, you can still take advantage of the LiveGrid reputation system for cloud-based whitelisting and blacklisting. Additionally, after one user in the network has analyzed an unknown file in the LiveGuard sandbox, every other user in the network benefits from the intelligence gathered.

Most malware samples in the wild are morphed and mainly infect only a single machine. So, LiveGuard can still be an important feature.
 
Agree; from a pure feasibility point of view, I would get nothing from paying for an AV if I am not going to be exposed to hundreds of malware samples daily, in order to demonstrate the 0.01% difference according to the test.

It is even worse. The 0.01% difference is a pure illusion. In such tests, a 0.5% difference is very probable even if the compared AVs have the same detection rate in the wild. :)(y)

Edit: AV-Comparatives mentions this problem in their testing methodology.
 
The AV Comparatives staff could do a cluster analysis of results, as in other tests. In the Phase 4 test on modified samples, we have the first two clusters of close scorings:

Avira 99.97%
Microsoft 99.93%
Avast 99.89%
Panda 99.82%
Kaspersky 99.78%

ESET 99.59%
Bitdefender 99.50%
Malwarebytes 99.41%

In the very optimistic scenario, according to AV Comparatives methodology, all AVs from the first cluster (Avast, Avira, Kaspersky, Microsoft, Panda) must be equally awarded. It is impossible to conclude which one could be better in the wild against modified samples.
In a more pessimistic scenario, those two clusters can be, in fact, one cluster, so the next three AVs will join the awarded group.

I would be very cautious about making conclusions from this test.
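The cluster argument in this post can be made quantitative. The Python below is an added example, not code from the post and not AV-Comparatives' own methodology: it takes the Phase 4 rates quoted above, computes a 95% Wilson score interval for each rate under an assumed sample size (the thread does not state how many modified samples were used, so 5,000 and 20,000 are hypothetical values), groups adjacent products whose intervals overlap into one cluster, and estimates how many samples a lab would need before the Kaspersky/ESET gap could be called a real difference.

```python
import math

# Phase 4 (modified samples) detection rates quoted in the post above, in percent.
PHASE4_RATES = {
    "Avira": 99.97,
    "Microsoft": 99.93,
    "Avast": 99.89,
    "Panda": 99.82,
    "Kaspersky": 99.78,
    "ESET": 99.59,
    "Bitdefender": 99.50,
    "Malwarebytes": 99.41,
}


def wilson_interval(rate_pct, n, z=1.96):
    """95% Wilson score interval for an observed detection rate (percent) measured
    on n samples; returns (low, high) as proportions in [0, 1]. Wilson is used
    because the plain normal approximation misbehaves this close to 100%."""
    p = rate_pct / 100.0
    z2 = z * z
    denom = 1.0 + z2 / n
    centre = (p + z2 / (2.0 * n)) / denom
    half = z * math.sqrt(p * (1.0 - p) / n + z2 / (4.0 * n * n)) / denom
    return centre - half, centre + half


def cluster_by_overlap(rates_pct, n, z=1.96):
    """Sort products by rate and walk down the list: a product joins the current
    cluster if its interval overlaps the interval of the product just above it,
    otherwise it starts a new cluster (single linkage). Products inside one
    cluster cannot be ranked against each other at this sample size."""
    ordered = sorted(rates_pct.items(), key=lambda kv: kv[1], reverse=True)
    clusters = []
    prev_low = None
    for name, rate in ordered:
        low, high = wilson_interval(rate, n, z)
        if prev_low is None or high < prev_low:
            clusters.append([name])      # gap below the previous interval: new cluster
        else:
            clusters[-1].append(name)    # overlap: same cluster
        prev_low = low
    return clusters


def samples_needed_to_separate(rate_a_pct, rate_b_pct, z=1.96, n_max=10_000_000):
    """Smallest sample size at which the two Wilson intervals stop overlapping,
    found by binary search (intervals shrink monotonically with n).
    Returns None if the rates are equal or n_max is still not enough."""
    hi_rate, lo_rate = max(rate_a_pct, rate_b_pct), min(rate_a_pct, rate_b_pct)
    if hi_rate == lo_rate:
        return None

    def separated(n):
        return wilson_interval(lo_rate, n, z)[1] < wilson_interval(hi_rate, n, z)[0]

    if not separated(n_max):
        return None
    lo, hi = 1, n_max
    while lo < hi:
        mid = (lo + hi) // 2
        if separated(mid):
            hi = mid
        else:
            lo = mid + 1
    return lo


if __name__ == "__main__":
    for n in (5000, 20000):   # hypothetical sample sizes, not the report's figure
        print(f"assumed sample size n={n}")
        for name, rate in sorted(PHASE4_RATES.items(), key=lambda kv: -kv[1]):
            low, high = wilson_interval(rate, n)
            print(f"  {name:<13}{rate:6.2f}%  95% CI [{100*low:.2f}%, {100*high:.2f}%]")
        for i, cluster in enumerate(cluster_by_overlap(PHASE4_RATES, n), 1):
            print(f"  cluster {i}: {', '.join(cluster)}")
    need = samples_needed_to_separate(PHASE4_RATES["Kaspersky"], PHASE4_RATES["ESET"])
    print(f"samples needed to separate Kaspersky from ESET: about {need}")
```

With the assumed sizes, the grouping reproduces the post's two clusters at 20,000 samples and collapses them into a single cluster at 5,000, which is the "pessimistic scenario" described above; the 0.19-point gap between the two clusters only becomes distinguishable somewhere above ten thousand modified samples, and the 0.01- to 0.1-point gaps inside a cluster would need far more. Overlapping intervals are a rough screen rather than a formal hypothesis test, but they are enough to show why ranking products on hundredths of a percent is not supported by the numbers.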
 
Yep, that was the feature I was talking about, but I forgot the name. Does it make a big difference in real life?
You can live without LiveGuard, but the Folder Guard is really a great addition to the Premium. I don't know which people at ESET decide the features to be implemented in specific versions, but the Folder Guard should be available in the Essential version also. Unless & until ESET get their heads together, I won't be renewing it, because other AVs like Norton and AVG provide ransomware protection even in the basic & free versions.
 
You can live without LiveGuard, but the Folder Guard is really a great addition to the Premium. I don't know which people at ESET decide the features to be implemented in specific versions, but the Folder Guard should be available in the Essential version also. Unless & until ESET get their heads together, I won't be renewing it, because other AVs like Norton and AVG provide ransomware protection even in the basic & free versions.
I agree with you. It was discussed in the ESET forum, but they stuck to their decision.
Just now, I remembered that once I shared a guide on MT on how to implement the Protected Folder/Folder Guard feature in ESET via HIPS:
 
You can live without LiveGuard, but the Folder Guard is really a great addition to the Premium. I don't know which people at ESET decide the features to be implemented in specific versions, but the Folder Guard should be available in the Essential version also. Unless & until ESET get their heads together, I won't be renewing it, because other AVs like Norton and AVG provide ransomware protection even in the basic & free versions.
Their business practices are disgusting. That’s why I don’t like them. I understand that there are differences between the various security packages. But these are basic features that other products have! So we might as well call this price discrimination.
 
Just finished reading the report.
There's an important note to be fed to the consumers of these reports.

This test mainly measures how well antivirus products detect already known and extensively analyzed APT tools rather than how they would perform against new or unknown threats. Since the dataset is based on publicly documented APT groups, the samples have already been reverse engineered, studied, and integrated into threat intelligence feeds, which means vendors have likely had significant time to build signatures and behavioral detections for them. This creates a bias where detection rates appear very high, not necessarily because the products are highly effective against real APT activity, but because they are being tested against threats that are already well understood. As a result, the methodology ends up reflecting how well products recognize historical malware rather than how resilient they are against novel intrusion techniques or evolving attacker behavior in real-world scenarios.

Take it with a grain of salt, as always.
 