July 11, 2024 | Antivirus for Windows

Advanced EDR test 2024: Acronis Cyber Protect with advanced security + EDR pack

AV-TEST conducted a comprehensive evaluation of Acronis Cyber Protect with Advanced Security + EDR Pack from December 2023 to January 2024, focusing on its Endpoint Detection and Response (EDR) capabilities. The evaluation aimed to assess the effectiveness of the EDR component in detecting and neutralizing threats commonly associated with sophisticated actor groups known for advanced persistent threats (APTs). The assessment included detailed test scenarios simulating two different attack patterns, each representing a wide range of tactics and techniques typically used by advanced attackers.

A test commissioned by Acronis and carried out by AV-TEST GmbH


Scenario 1 - APT18-like cyber espionage:


In this scenario, the system's resilience was tested against a well-coordinated attack modeled on APT18, a group known for its sophisticated cyber espionage operations. The test recreated the group's known behaviors, such as spear phishing, system discovery, data collection and obfuscation methods. The main objective was to evaluate the product's ability to detect, respond to and mitigate sophisticated attack vectors, giving insight into organizations' cybersecurity defenses.

In Scenario 1, Acronis Cyber Protect with Advanced Security + EDR Pack demonstrated robust detection capabilities by successfully identifying numerous techniques used in multiple steps of the attack. The product's effective monitoring and detection framework proved critical in thwarting sophisticated cyber threats.

Acronis excelled in the quality of detection, providing detailed and actionable insights at every step. It was able to effectively categorize the techniques and provide comprehensive insight into the tactics and techniques of the attack. This performance underscores the ability of Acronis Cyber Protect with Advanced Security + EDR Pack to handle complex cyber espionage attempts.

Scenario 2 - Mixed tactics similar to TA577, Turla and FIN6:

The second scenario mimicked the operational tactics of various notorious groups, including TA577, Turla and FIN6, and featured a complex mix of phishing, data manipulation and lateral movement techniques. The goal of this test was to evaluate the system's defenses against multi-layered and advanced threats designed to steal sensitive information and establish a long-term presence on the network. Acronis Cyber Protect with Advanced Security + EDR Pack successfully detected most of the techniques used in Scenario 2, demonstrating its ability to adapt to different threat behaviors and effectively combat a wide range of cyber threats. The product's response to these scenarios confirmed its ability to protect systems against sophisticated and diverse attacks.

Although there was one instance where data exfiltration via a command and control channel was not detected, the overall performance of Acronis Cyber Protect with Advanced Security + EDR Pack was impressive in both scenarios. The product's ability to consistently deliver high-quality detections underscores its potential to protect organizations from evolving and complex cyber threats. Based on the observed results, Acronis Cyber Protect with Advanced Security + EDR Pack qualifies for the prestigious AV-TEST Approved Advanced Endpoint Detection and Response Certification, which recognizes it as a reliable and effective solution in the field of cybersecurity.
