AV-Comparatives Endpoint Prevention & Response (EPR) Test 2020

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

SeriousHoax

Level 43
Thread author
Verified
Top poster
Well-known
Mar 16, 2019
3,160
AV-Comparatives released the first-ever Endpoint Prevention and Response (EPR) Test, taking into account the total cost of ownership (TCO) of product and breach costs. The EPR CyberRisk Quadrant™ shows at a glance the Strategic Leaders, CyberRisk Visionaries and Strong Challengers.
Endpoint prevention and response (EPR) products are used in enterprises to detect, prevent, analyse and respond to targeted attacks such as advanced persistent threats (ATPs). Whilst endpoint security products are expected to detect and block malware and network attacks on individual workstations, EPR products have to deal with multi-stage attacks that aim to infiltrate an organisation’s entire network. In addition to protecting individual devices, endpoint prevention and response systems are expected to provide detailed analysis of an attack’s origin, methods and aims. This allows security staff to understand the nature of the threat, prevent it from spreading, remediate any damage done, and take precautions to prevent similar attacks in the future.
AV-Comparatives’ Endpoint Prevention and Response Test is the most comprehensive test of EPR products ever performed. The 9 products in the test were subjected to 49 separate targeted attacks, which used a variety of different techniques. If left unchecked, the attacks would progress through three separate phases: Endpoint Compromise and Foothold; Internal Propagation; Asset Breach. At each stage, the test determined whether the product detected the attack, took automated action to block the threat (active response), or provided information about the attack which the administrator could use to take action themselves (passive response). If an EPR product did not block an attack at one stage, the attack would continue to the next phase, and the product’s response here would be noted.
1.png2.PNG3.PNG
According to the test based on cost and response capability, it can be said that ESET gives you "the most bang for your bucks" in this category (y)
Really weird to see some vendors didn't want their name to be showed. I wonder which vendors are they!
Read the full report here: