May 08, 2023 | Text: Markus Selinger | Antivirus for Windows
  • Share:

17 Endpoint Security Solutions for Windows put to the Test

Cybersecurity at the endpoint has been a major topic since the widespread ransomware campaigns of APT groups and the collateral damage from the Ukraine-Russia conflict. In its test series on security solutions for corporate users, the lab at AV-TEST evaluated 17 endpoint solutions under Windows 10. The test saw many manufacturers delivering strong results, even earning the additional recognition of TOP PRODUCT.

17 endpoint solutions for corporate users put to the test in terms of detection, performance and false alarms
17 endpoint solutions for corporate users

put to the test in terms of detection, performance and false alarms

zoom

While media coverage names many companies as victims, it doesn't talk about the – luckily – countless cases where attacks were fended off. But that is what many companies report in various studies. In recent studies, over 80 percent of the European companies surveyed related that their firewalls had been attacked several times over the year and had fought off the attacks successfully. The statistics for the rest of the world are presumably quite similar. The favorite point of attack: endpoints in companies. In these attempts, the attackers rely on the notion that employees will fail to detect an attack. All the more reason for good endpoint security to provide perfect service and to take risky decisions out of the hands of people from the beginning.

17 endpoint solution tested in the lab

To comprehensively evaluate an endpoint solution's quality of protection, the lab examines each product for corporate users in the categories of protection, performance and usability (primarily false alarms). In terms of protection, the test category is even further divided up into the real-world test with so-called zero-day malware and the test with the reference set containing recently uncovered malware.

The lab test from January and February 2023 under Windows 10 included the products for corporate users from the following manufacturers: AhnLab, Avast, Bitdefender (Endpoint and Ultra version), Check Point, Kaspersky (Endpoint and Small Office version), Malwarebytes, Microsoft, Seqrite, Sophos, Symantec, Trellix, Trend Micro, VMware, WithSecure and Xcitium.

A brief look at the test result shows many impressive scores. Accordingly, a total of 7 security solutions completed the test with the maximum achievable point score of 18, and an additional 7 attained an excellent score of 17.5. The lowest point scores were 17 out of 18 points, representing a very high level of security.

Security solutions for corporate PCs

Of the 17 endpoint solutions examined for Windows PCs in corporate user environments, 14 received TOP PRODUCT recognition

zoom ico
17 endpoint solutions put to the test

In the detection test under Windows 10, 11 endpoint products fended off the more than 12,000 attackers 100 percent

zoom ico

1

Security solutions for corporate PCs

2

17 endpoint solutions put to the test

Protection: the cornerstone of defense

If malware is detected and stopped immediately, this means that it does not need to be blocked by additional security mechanisms of a solution, involving extra work. That is why the protection test evaluates in two stages the products' effectiveness in detection. In the real-world test, the solutions are required to detect over 350 samples of zero-day malware. In the second stage with the reference set, the object is to filter out and delete additional dangerous malware samples, nearly 12,000. In order to put an even finer point on the result, the lab repeated the entire January test in February.

The high number of malware samples to be detected is not an easy task. And yet the following 11 out of the 17 products delivered 100-percent malware detection in both test stages: AhnLab, Avast, Bitdefender (Endpoint and Ultra version), Check Point, Kaspersky (Endpoint and Small Office version), Microsoft, Symantec, Trellix and Trend Micro. They all received a score of 6 points.

A pity for Xcitium: while it fended off all of the particularly dangerous zero-day malware samples, it only reached 99.9 instead of 100 percent in the reference set in both months.

Sophos and WithSecure struggled with minor problems in one test month of the real-world test: each scoring 99.5 percent. The second month ran error-free.

VMware and Seqrite committed minor errors in detection in both test months of the real-world test: They achieved 98.9 percent in the first month and Seqrite attained 99.4 percent in the second month.

Malwarebytes achieved 98.9 percent, the same scores as VMware and Seqrite in the first test month of the real-world test, but in the second month it only reached 97.8 percent, thus conceding important points.

Performance: the acceptance in an office PC

Workers quickly become irate if their office PCs start juddering or hesitating due to the security software's surveillance of the system. To make sure that won't happen, the lab at AV-TEST evaluates how many system resources are used by the endpoint solutions under Windows. The testers carry out typical operations on several fast high-end PCs and slow office PCs, such as copying files, performing downloads or launching websites. The times measured for these operations then serve as reference values. In the second cycle, they repeat exactly the same operations, but this time with installed security software. The test indicates that unfortunately not all endpoint solutions use system resources sparingly.

But the fact that it is possible to do so is manifest in the products from Avast, Bitdefender, Check Point, Kaspersky (both versions), Malwarebytes, Seqrite Trellix and Trend Micro. For their conservative use of system resources under Windows 10, all the products garnered the full 6 points.

A somewhat higher system load was generated by the system agents from AhnLab, Bitdefender (Ultra), Sophos, Symantec and WithSecure. In these solutions, the testers found a measurable load, and thus made a slight point deduction. These products reached 5.5 out of the possible 6 points.

Only Microsoft, VMware and Xcitium were conspicuous in their somewhat higher system load, and as a result, all had a full point taken off: 5 points.

Check Point Endpoint Security

The security solution for corporate user PCs indicates in all test phases error-free performance, receiving with 18 points the accolade of TOP PRODUCT

zoom ico
Bitdefender Endpoint Security

With 18 points, the endpoint solution attained the maximum point score in this test, and also earned recognition as a TOP PRODUCT

zoom ico
Avast Business Security

The Avast solution for corporate users garnered the additional accolade of TOP PRODUCT for achieving the 18-point mark

zoom ico
Trend Micro Apex One

The security package for corporate user PCs successfully handled all the test tasks, achieving the highest scores attainable with 18 points

zoom ico
Trellix Endpoint Security

The client-server solution from Trellix – formerly McAfee – passed all the test criteria with flying colors. This was rewarded with 18 points and recognition as a TOP PRODUCT

zoom ico
Kaspersky Endpoint Security

The corporate user solution for endpoints, along with the Small Business version, also completed the test with the highest-achievable point score – both are a TOP PRODUCT

zoom ico

1

Check Point Endpoint Security

2

Bitdefender Endpoint Security

3

Avast Business Security

4

Trend Micro Apex One

5

Trellix Endpoint Security

6

Kaspersky Endpoint Security

Usability: the war of nerves through false alarms

Under the test category of usability, the lab examines the behavior of the security agents under Windows in terms of how they handle harmless websites, applications and files. All too often, in the past, there were false positives in this test category, where the software sounded an alarm where none was necessary. In the test, the experts installed popular programs and launched them. In addition, they copied over 1.3 million harmless files to be examined onto the hard drive of the system. Finally, the testers visited 500 innocuous websites.

The result is perfect: All the products earned the maximum point score of 6 for their performance.

Office security: a wide selection for corporate users

Companies seeking an adequate security solution for their requirements really needn't worry about whether the solutions also provide sufficient protection. The final table shows: 14 out of the 17 security solutions for office PCs with Windows 10 examined managed to achieve the perfect score of 18 or an excellent score of 17.5 points in the test. But even the last three finishers with 17 out of 18 points each indicate the high level of security on which the products are running.

If a corporate user looks solely at the detection of attackers, such as Trojans, viruses or ransomware, then a total of 11 solutions passed in flying colors with 100-percent detection throughout the entire test period. 

In case the test scores are still not sufficient to make a decision, responsible managers ought to take a closer look at the Advanced Threat Protection tests. In this test series, the lab confronts the line-up of endpoint products with additional real-life attack scenarios and evaluates their performance.

Social Media

We want to stay in touch with you! Now there is an easy way to receive regular updates on the latest news and test releases.