AV-Comparatives Business Security Test 2020 (August – November)

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,232
Introduction

This is the second half-year report of our Business Main-Test Series of 2020, containing the results of the Business Real-World Protection Test (August-November), Business Malware Protection Test (September), Business Performance Test (November), as well as the Product Reviews.

Information about additional third-party engines/signatures used by some of the products: Acronis, Cisco, Cybereason, FireEye, G Data and Vipre use the Bitdefender engine (in addition to their own protection features). VMware uses the Avira engine (in addition to their own protection features). G Data’s OutbreakShield is based on Cyren.

ESET Endpoint Protection Advanced Cloud has recently been renamed in ESET PROTECT Entry.

We congratulate the vendors who are participating in the Business Main-Test Series for having their business products publicly tested by an independent lab, showing their commitment to improving their products, being transparent to their customers and having confidence in their product quality.

Test Procedure

The test series consists of three main parts:

The Real-World Protection Test mimics online malware attacks that a typical business user might encounter when surfing the Internet.

The Malware Protection Test considers a scenario in which the malware pre-exists on the disk or enters the test system via e.g. the local area network or removable device, rather than directly from the Internet.

In addition to each of the protection tests, a False-Positives Test is conducted, to check whether any products falsely identify legitimate software as harmful.

The Performance Test looks at the impact each product has on the system’s performance, i.e. how much it slows down normal use of the PC while performing certain tasks.

To complete the picture of each product’s capabilities, there is a user-interface review included in the report as well.

Some of the products in the test are clearly aimed at larger enterprises and organisations, while others are more applicable to smaller businesses. Please see each product’s review section for further details.
 

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,232
Hi @Gandalf_The_Grey, as far as I can see(read)Bitdefender & Kaspersky is the winners of this test with Microsoft as runner up, Avast did well also.
what do you think? :) :DEset & K7 did amazingly well!
It's complicated because there is no overall score if I read the article correctly.

Real-World Protection:

Blocked
User dependentCompromisedPROTECTION RATE
[Blocked % + (User dependent %)/2]*
False Alarms
Kaspersky800199.9%2
Avast800199.9%8
Fortinet800199.9%10
Panda800199.9%32
ESET799299.8%1
VIPRE799299.8%3
Bitdefender, Microsoft799299.8%5
K7797499.5%29
G Data796598.4%8
Elastic7911098.8%17
Sophos7871498.3%4
SparkCognition7851698.0%3
Crowdstrike7831897.8%20
Acronis7821997.6%1
VMWare7821997.6%4
Cisco7722996.4%2
FireEye7653695.5%2
Cybereason*7346791.6%32

Malware Protection and false alarms:

Malware Protection Rate
False Alarms on common business software
Avast, Fortinet, G Data, Microsoft, VMware100%0
Bitdefender, ESET, K799.9%0
Cisco, FireEye, Kaspersky, Sophos99.7%0
Crowdstrike, Vipre99.6%0
Cybereason, Elastic99.5%0
Acronis99.4%0
SparkCognition99.3%0
Panda99.2%0

Performance:

AVC Score
PC Mark ScoreImpact Score
1.ESET, K79098.81.2
2.Elastic9098.51.5
3.Kaspersky9097.62.4
4.Bitdefender9097.42.6
5.Avast9096.73.3
6.CrowdStrike, Panda9096.43.6
7.VMware8596.38.7
8.SparkCognition8097.312.7
9.VIPRE8097.112.9
10.FireEye8096.813.2
11.G DATA7896.315.7
12.Acronis, Cisco7597.917.1
13.Sophos7597.617.4
14.Microsoft7596.718.3
15.Cybereason7595.619.4
16.Fortinet5397.239.8

For all test I would call Avast the winner followed by Bitdefender and Kaspersky.
Microsoft is severely punished by the performance test.
 

bayasdev

Level 19
Verified
Top Poster
Well-known
Sep 10, 2015
901
MS Defender doesn't stops amazing me, each day it gets closer to the top players in terms of malware detection but they still need to further optimize the engine by implementing some kind of caching like other AVs do.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
Vendors who make products specially for business did far worse than vendors who have both home and business products.
There's hardly any difference between the top products but Real World, Malware Protection, False Positives and Performance tests combined the overall winner here is Avast.
Bitdefender, ESET, Kaspersky in second place.
 

Vitali Ortzi

Level 24
Verified
Top Poster
Well-known
Dec 12, 2016
1,319
As I like to say, the first system tweak I do on weak computers is to completely disable Microsoft Defender, because it's really hard for the old PC.

What really surprises me is the ever good (there are a lot of false positives, but the protection is quite good, according to the Real-World Protection Test July-October 2020) results of Panda in av-comparatives tests, although in amateur tests it is practically one of the worst known antiviruses.
with all the love i have for windows defender disabling is a must but only on a really low end system
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
Those vendors often have "FREE" editions of their products to gain more threat intelligence and improve their paid/enterprise products
You're right. I have also said this before. Avast and WD has always been free so, that's that.
Later Bitdefender and then Kaspersky released a free version with the main purpose of gathering threat intelligence.
 
F

ForgottenSeer 89360

Vendors who make products specially for business did far worse than vendors who have both home and business products.
There's hardly any difference between the top products but Real World, Malware Protection, False Positives and Performance tests combined the overall winner here is Avast.
Bitdefender, ESET, Kaspersky in second place.
Glad it’s not only me who sees their great performance 👍🏻
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,481
Windows Defender is tested by AV-Comparatives in the business environment without most of the advanced settings, which is strange (ASR rules, Network Protection, and CFA are disabled):
"Microsoft: Cloud protection level set to “High”, Cloud-delivered protection set to “Advanced”. Google Chrome extension “Windows Defender Browser Protection” installed and enabled."
https://www.av-comparatives.org/tests/business-security-test-2020-march-june/#product-settings

The advanced settings (ASR rules enabled) are tested by MRG Effitas in 360 Assessment & Certification tests.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
Windows Defender is tested by AV-Comparatives in the business environment without most of the advanced settings, which is strange (ASR rules, Network Protection, and CFA are disabled):
"Microsoft: Cloud protection level set to “High”, Cloud-delivered protection set to “Advanced”. Google Chrome extension “Windows Defender Browser Protection” installed and enabled."
https://www.av-comparatives.org/tests/business-security-test-2020-march-june/#product-settings

The advanced settings (ASR rules enabled) are tested by MRG Effitas in 360 Assessment & Certification tests.
These changes were made because Microsoft asked them to do so. It's surprising that they didn't want the ASR rules to be enabled. Something related to false positives maybe?
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,481
These changes were made because Microsoft asked them to do so. It's surprising that they didn't want the ASR rules to be enabled. Something related to false positives maybe?
I think that the setup was adjusted to the test scenario which does not include targeted attacks. The samples were gathered just like in the consumer tests (Home user scenario) and only the AV settings were applied in accordance with the vendor’s guidelines. So, adding the ASR rules, Network protection, etc., would not change the test results and could increase the false positives rate. In MRG Effitas tests, the targeted attacks are included in the Exploit/Fileless part and this makes an important difference.:unsure:

Edit.
The WD setup from this test is similar to ConfigureDefender HIGH settings (without ASR rules and Network Protection).
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,481
The cumulative statistics (August-November 2018 - August-November 2020)

AV-Comparatives Business Security (sorted by the sum of missed samples)

-- AV Vendor--------------- Total missed samples
Bitdefender.................=6____7
Microsoft....................=13__10
Avast...........................=22___3
Panda..........................=10__18
VIPRE..........................=14__22
Kaspersky...................=9___35
Sophos........................=30__20 (first scoring averaged)
ESET............................=30__34
Fortinet.......................=84__36
CrowdStrike................=81__73
FireEye........................=155_71

The first value in a__b is the total number of missed samples in Real-World tests, the second is the same for Malware Protection tests.

I am not sure how a__b can be combined together in the business environment, but it seems that the missed samples in Malware Protection tests are less important. Also, the errors related to the small number of tested samples and the small number of tests do not allow differentiation between Avast, Bitdefender, Kaspersky, Microsoft, Panda, and Vipre to see the protection in the wild. The scorings of Sophos and Eset are very close to the top AVs. Fortinet, CrowdStrike, and FireEye have got scorings sufficiently low, to differentiate them from other AVs.

Business Security Test 2018 (August - November) - AV-Comparatives (av-comparatives.org)
Business Security Test 2019 (March - June) - AV-Comparatives (av-comparatives.org)
Business Security Test 2019 (August - November) - AV-Comparatives (av-comparatives.org)
Business Security Test 2020 (March - June) - AV-Comparatives (av-comparatives.org)
Business Security Test 2020 (August - November) - AV-Comparatives (av-comparatives.org)
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top